Beyond Trust – 8 Steps to Reduce Remote Access Security Risks & Tighten Control over Vendor Access
3.1 3.1.14 3.7 3.7.6 Access Control Maintenance
https://www.beyondtrust.com/blog/entry/8-steps-to-reduce-remote-access-security-risks-tighten-control-over-vendor-access
This article provides an overview of steps organizations can take to reduce remote access security risks.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-46r2.pdf
This NIST special publication provides information on security considerations for several types of remote access solutions.
https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-7
The information system: a. Monitors and controls communications at the external boundary of the system and at key internal boundaries within the system; b. Implements subnetworks for publicly accessible system components that are [Selection: physically; logically] separated from internal organizational networks; and c. Connects to external networks or information systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security architecture.