Skip Navigation
Weaving a Secure Web Around Education: A Guide to Technology Standards and Security
  Table of Contents and Introductory Material
Chapter 1
  The Role of the World Wide Web in Schools and Education Agencies
Chapter 2
    Web Publishing Guidelines
Chapter 3
    Web-Related Legal Issues and Policies
Chapter 4
    Internal and External Resources for Web Development
Chapter 5
    Procuring Resources
Chapter 6
    Maintaining a Secure Environment
PDF File (1,119 KB)

Ghedam Bairu

(202) 502-7304

Appendix E - 4: Policies and Procedures (Samples): Dial-In Access Policy

(Rhode Island Department of Education)

1. Purpose

The purpose of this policy is to protect [Agency Name]'s electronic information from being inadvertently compromised by authorized personnel using a dial-in connection.

2. Scope

The scope of this policy is to define appropriate dial-in access and its use by authorized personnel.

3. Policy

[Agency Name] employees and authorized third parties (customers, vendors, etc.) can use dial-in connections to gain access to the corporate, or agency, network. Dial-in access should be strictly controlled, using one-time password authentication. Dial-in access should be requested using the corporate account request process.

It is the responsibility of employees with dial-in access privileges to ensure a dial-in connection to [Agency Name] is not used by non-employees to gain access to company information system resources. An employee who is granted dial-in access privileges must remain constantly aware that dial-in connections between their location and [Company Name] are literal extensions of [Agency Name]'s corporate network, and that they provide a potential path to the company's most sensitive information. The employee and/or authorized third party individual must take every reasonable measure to protect [Agency Name]'s assets.

Analog and non-GSM digital cellular phones cannot be used to connect to [Company Name]'s corporate network, as their signals can be readily scanned and/or hijacked by unauthorized individuals. Only GSM standard digital cellular phones are considered secure enough for connection to [Agency Name]'s network. For additional information on wireless access to the [Agency Name] network, consult the Wireless Communications Policy.

Note: Dial-in accounts are considered "as needed" accounts. Account activity is monitored, and if a dial-in account is not used for a period of six months, the account will expire and no longer function. If dial-in access is subsequently required, the individual must request a new account as described above.

4. Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.