Technology Procedure Categories
IT Vendor remote support access policy
This procedure outlines the process for providing secure access for remote vendors and/or service providers to premise installed system components.
When Was This Policy Written?
March 18, 2017
When Was This Policy Updated?
Who Should Read This Procedure?
WSC NATS staff
All remote vendor support must be performed on encrypted sessions with appropriately secure ciphers.
- In cases where a service is a vendor managed service:
- Remote support is always available to the vendor and will be protected via an auditable login technology such as VPN
- Once VPN authenticated, remote support may be accomplished via virtual console, remote desktop, or similar tool as determined by platform and business need
- The vendor will have a dedicated account (or accounts) with access limited to facilitate only the business functions required under the service agreement
- In cases where the service is managed locally but a vendor may be asked to provide remote support for specific events:
- If auditable VPN authentication is practicable, NATS may, at their discretion use the above process as if the service is managed, or:
- Remote support is initiated by WSC staff by
- Enabling the vendor support account and/or
- Creating a remote support session
- Upon termination of the support engagement, WSC staff must:
- Ensure remote session has been terminated
- Disable the vendor support account
Last Updated: 3/22/2017