[unisog] Remote Access for vendor support
dax at resnet.ucsb.edu
Thu Sep 11 21:21:02 GMT 2003
For the few people that do need remote admin access, they are
asked to provide the support workstation IP address, and I add an
exemption for them in my PiX config...when they need to do work, an
employee says "Hey, can we let so-and-so have accesss", and I change the
rule from deny to permit. When they're done, I change it back.
By no means effective if you're dealing with hundreds of vendors,
but it works pretty well for me here...
On Thu, 11 Sep 2003, Bob Smith wrote:
> We have been seeing a continuing trend towards new contracts and renewals
> where the vendors are "demanding" remote administrator access (terminal
> services, pcanywhere, etc.) to our servers to provide support. We have had
> some success in handling most of our support issues over the phone, but it
> appears lately that if we balk on the remote access then they won't provide
> any support. Its their way or the highway!
> I am looking for input as to how others have dealt with these issues and
> how you may have or have not compromised with the vendor to find a viable
> BTW, we do NOT have an active policy to cover this (shame on me) but I
> didn't want to draft something up that would come back to haunt us later.
> Thank you for your time.
> Bob Smith
> Information Security Administrator
> Longwood University
More information about the unisog