Remote Access Rules (Offsite Work Requirements)

# Remote Access Rules (Offsite Work Requirements)

When working offsite (home, hotel, coffee shop, travel), you must follow Front Row Group remote access rules to protect company systems and data.

---

## VPN Required for Accessing

✅ **VPN is required to access:**
- **Catapult (Dashboard)**  
This applies to remote employees working outside the NY or San Diego offices.

---

## Approved VPN Tool

Use **FortiClient VPN** only.

### Remote Gateways
- **East:** https://freastvpn1.fortressbrand.com  
- **West:** https://frwestvpn1.fortressbrand.com  

### Required Setup Options
When setting up the VPN profile:
- ✅ Enable **Single Sign-On (SSO)**
- ✅ Enable **Customize Port**

### Authentication
- Sign in with your **Front Row Google login**
- Complete **2FA**

---

## What’s Blocked / Not Allowed on Public Networks

When you're **not on VPN** or you're on public networks (hotel Wi-Fi, airplane internet, coffee shop hotspots):

- ❌ No access to Catapult
- ❌ No connecting unmanaged personal devices
- ❌ No remote desktop or peer-to-peer file sharing tools
- ❌ No split tunneling (partial VPN use is not allowed)

---

## Additional Remote Security Requirements

- 2FA is enforced on all Front Row Google logins
- All devices must be enrolled in:
 - **Mosyle (Mac)** or
 - **Intune (Windows)**
- No personal Apple IDs or unmanaged endpoints
- Use only the official FortiClient VPN app—no other VPNs or tunneling apps allowed

🧠 Rule of thumb: If you’re off trusted Wi-Fi, connect to VPN before using secure apps.

---

## Need Help?

Email help@frontrowgroup.com  
Or post in Slack: #it-tech-help