Educause Security Discussion mailing list archives
Re: Vendor Server Access
From: "Greene, Chip" <cgreene2 () RICHMOND EDU>
Date: Fri, 24 Sep 2010 11:54:12 -0400
We set up each of our vendors with unique credentials and allow them VPN access. Each credential is stored in a database with a responsible university employee assigned. All traffic is tunneled to campus and only allow traffic to their specific servers, and only the necessary ports to complete their support function (rdp, ssh, etc.) Vendors Internet access is blocked while vpn'd into network also. On top of the network security, we require vendors to have individual login credentials to the servers they support. Local firewalls only allow specific traffic from the vendor reserved IP address as well. All of these connections are documented in a server/application portology diagram as well. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Abreu, Jose A Sent: Friday, September 24, 2010 11:37 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Vendor Server Access We are in the process of setting up new guidelines on how vendors access our servers as well as application owners. Can you share any insight on how your institution is handling this? Jose Abreu University of Miami (Voice) 305.284.5213 (Fax) 305-284-5213 ________________________________ Information Services (including the HelpDesk) will NEVER ask for your password or other personal data via email. Messages requesting such details are fraudulent. DELETE THEM WITHOUT REPLY.
Current thread:
- Vendor Server Access Abreu, Jose A (Sep 24)
- Re: Vendor Server Access Julian Y. Koh (Sep 24)
- Re: Vendor Server Access Alex Keller (Sep 24)
- Re: Vendor Server Access Greene, Chip (Sep 24)
- Re: Vendor Server Access Jeff Kell (Sep 24)
- Re: Vendor Server Access Bradley, Stephen W. Mr. (Sep 26)
- Re: Vendor Server Access Hugh Burley (Sep 24)