a. MFA shall be required for all users of the Bureau’s VPN.
b. VPN users shall be responsible for all activities identified with the account.
c. One-time password/pin shall be generated using a mobile application or sent through the registered BIR email address.
d. VPN users with existing access or requesting for new access (both BIR employees and third party service providers) shall accomplish two (2) copies of Server Network Access Request Form (SNARF) (see Annex A) with appropriate Network Diagram attached.
e. Accomplished/Signed SNARF with appropriate Network Diagram shall be submitted to Security Management Division (SMD). Other necessary documents maybe required upon evaluation, if needed (e.g. NDA (3rd party), Justification letter, etc.). VPN access request shall only be evaluated by SMD upon submission of complete documentary
requirements.
f. Account locked out shall be imposed after a maximum of three (3) consecutive invalid log in attempts. User with locked account or forgotten password shall be logged in BIR Service Desk System for unlocking of account or resetting of password.
g. Any issue or difficulties encountered associated with the use/enrollment of MFA shall be reported to SMD.