ministryofjustice / security-guidance

Security guidance from the MOJ Digital & Technology Cybersecurity team
https://ministryofjustice.github.io/security-guidance/

Request review of access control policy updates #349

Open warmanaMOJ opened 2 years ago

warmanaMOJ commented 2 years ago

Hello @L-Crosby and @cybersquirrel

Following feedback and updates, the access control material has been revised and updated. Previews of the material are available as follows:

Please may I request a review of these updates?

A full set of the changes introduced may be previewed here.

Many thanks.

cybersquirrel commented 2 years ago

Hello @warmanaMOJ,

The changes all appear sensible enough to me, with the exception of the Device Access Control policy. I don't understand what we're trying to achieve with this one, as it seems to fly in the opposite direction of a Zero Trust architecture. I can see circumstances where it's important to control which devices can be on a given bearer network (such as in the prison context, and we have text in our WiFi policy along these lines). I think I must be missing something!

Jon.

cybersquirrel commented 2 years ago

Hello,

Further to our chat earlier, I think I can refine my question on this. The policy talks about a "protected network" - but this term doesn't seem to be defined. So if it's all MoJ networks then my question above applies; if it's a subset of MoJ networks, then depending on what the subset is, all may be well in the world.

Thank you!

Jon.