I am looking at the possibility of setting up a VPN so teachers can access files from home. Any idea's of cost and how easy it is to set up? Its not something I've thought of to be honest.
Anything to look out for? Any advise?
VPN would mean you would need to encrypt all the laptops (whatever the staff use), I would go for terminal server, Windows 2008 comes with HTTPS support.
We haven't got 2008. We're still on Server 2003 r2.
They want to access files, and sims from home. I'm not sure how it all works to be honest.
Secure Communications, Secure Networking, Secure Application Access, SSL VPN, High Assurance IPSec VPN Encryptor, Hardware Security Modules, HSM, Terminal Services, Windows Remote Access, Public Key Infrastructure, Identity Based Access Control, IBAC
There is a free version, basically it's the same sort of idea as is built into W2K8, but it's Java based rather then .net.
Might be worth looking at getting 1 w2k8 server, then setting it up with ts gateway with HTTPS.
Sorry I can't remember the free version url, I know it's on sourceforge.
The problem with VPN is that you'll have to support staff home pc etc with office, sims etc, then you've got the whole security thing, where hdd must be encrypted. Personally, go for the "thin client" idea. David Hicks I think might be able to help more, I know he (and someone else) was looking at having SIMS on a terminal server (then remoting into it).
Last edited by matt40k; 18th March 2009 at 03:53 PM.
Why does providing a vpn for external use mean the need to encrypt the laptops?
but if the files were on a drive located in the school that was accessed through the VPN...?
just because you have access via a vpn doesn't mean the laptops have to be encrypted.
According to the BECTA guidelines laptops containing sensitive information should be encrypted, also there are no deadlines as far as I can see on when encryption should be implemented.
That will be next I am sure.
VPN or thin client access allows the same access to info.
VPN probably requires an additional login process or maybe 2 factor authentication.
Thin client will have zero files other then maybe a few dll.
VPN, for sims, will have your a number of files around your local machine. Capita won't recommend this.
Basically look in: My SIMS Documents
Also, if I run a report, that say, exports all the students details to my C Drive, you've just breached the Data Protection Act if your local hdd isn't encrypted.
localzuk (18th March 2009)
But as I said, if you're just opening the files remotely, and not actually copying them across, then that necessity is removed.
I am in the same boat as you are sippo I believe Sims Capita learning gateway sounds like what we need to protect Sims data... Have a chat with your Sims Manager about this software!!! Plus before 2010 you will need a portal so students and there parents can access schools data from home...
Hope this helps...
I didn't contradict myself I just kept typing while thinking
As I said just because you have vpn access doesn't mena you need to encrypt.
If you copy files to the laptop over the vpn then yes.
Allthough I'll contradict myself again now because as we all know the moment you turn a computer/laptop off the memory doesn't immediately clear but takes time, this means an attack can be leveraged against the memoery if you have physical access.
Therefore you could say that becuase it's been opened it's available from the memory.
This is also an attack vector against truecrypt.
There are currently 1 users browsing this thread. (0 members and 1 guests)