Firewall Wizards mailing list archives
The Thorny Issue of Consultant Access
From: Tina Bird <tbird () imhotep cerner com>
Date: Fri, 12 Dec 1997 11:20:10 -0600
Hi all -- Amongst my more mundane duties, I'm working with a couple of groups within my organization to help develop policy and procedures to handle consultant access to our corporate network, as well as access by Cerner associates >and< consultants to our client locations for troubleshooting and support. It's a discouraging mire, to say the least -- to try to balance the security principles of accountability and least privilege with the management challenge of the ever-changing population of people who require access to sensitive systems and information. We're working with a couple of home-grown systems, as well as looking at the applicability of TACACS+/RADIUS and their relatives. But I'd be grateful for feedback from other people struggling with this issue. Does your company permit access into its corporate resources? How about outbound access into your client base? What sort of authentication tools do you use, and how do you manage them? I'm trying to get a sense for what "best practice" is in this area, and what other large, customer-service oriented organizations are doing. Thanks for any feedback. If people are more comfortable replying to me privately, I'll summarize for the list. Cheers -- Tina Bird Internet Services Manager Cerner Corporation
Current thread:
- The Thorny Issue of Consultant Access Tina Bird (Dec 12)