WordPress Database VPN Access Policy

WordPress Database VPN Access Policy

1. Purpose

This policy aims to ensure secure methods are used to connect to the MySQL databases behind the university’s WordPress websites remotely over the internet. VPN usage and additional safeguards are required to prevent unauthorized access.

2. Scope 

This policy applies to developers, administrators, contractors or other personnel who require remote access to the MySQL databases powering the university’s WordPress sites.

3. Policy

3.1 VPN Required

– All remote database connections must be made via the university’s approved VPN service. Direct internet access is not allowed.

3.2 Access Controls

– Access will only be granted to authorized personnel based on justified need. Multi-factor authentication will be required.

3.3 Encryption 

– VPN tunnels and database connections must utilize encryption protocols like SSH, TLS or SSL to secure data in transit.

3.4 Activity Monitoring

– Logging will record activity for auditing and identification of suspicious access.

3.5 Patching 

– VPN servers and clients must be kept updated with the latest security patches.

3.6 Special Caution

– Caution should be taken when accessing the database from public networks to avoid interception of credentials or data.

4. Compliance

– Policy violations may result in termination of remote access privileges.

– Breaches of the VPN tunnel or database will be investigated and prosecuted. 

5. Responsibilities

– Database Admins – Provide access and manage credentials

– Network Admins – Maintain VPN infrastructure and security

– All Personnel – Follow policy and secure devices