[unisog] Remote Access for vendor support

Dax dax at resnet.ucsb.edu
Thu Sep 11 21:21:02 GMT 2003


	For the few people that do need remote admin access, they are
asked to provide the support workstation IP address, and I add an
exemption for them in my PiX config...when they need to do work, an
employee says "Hey, can we let so-and-so have accesss", and I change the
rule from deny to permit.  When they're done, I change it back.
	By no means effective if you're dealing with hundreds of vendors,
but it works pretty well for me here...

/Dax


On Thu, 11 Sep 2003, Bob Smith wrote:

> We have been seeing a continuing trend towards new contracts and renewals 
> where the vendors are "demanding" remote administrator access (terminal 
> services, pcanywhere, etc.) to our servers to provide support.  We have had 
> some success in handling most of our support issues over the phone, but it 
> appears lately that if we balk on the remote access then they won't provide 
> any support.  Its their way or the highway!
> 
> I am looking for input as to how others have dealt with these issues and 
> how you may have or have not compromised with the vendor to find a viable 
> solution.
> 
> BTW, we do NOT have an active policy to cover this (shame on me) but I 
> didn't want to draft something up that would come back to haunt us later.
> 
> Thank you for your time.
> 
> Bob Smith
> Information Security Administrator
> Longwood University
> 
> 




More information about the unisog mailing list