How Do Other IT Teams Manage External Vendor Access Cleanup?

0
6
Asked By CuriousCat123 On

I'm really interested in how different IT teams handle the cleanup of external vendor access. When do you typically review or revoke access for these external parties? Is it initiated by someone on the team, on a regular schedule, or is it more of an afterthought? If you don't have a proactive process in place, what are the obstacles? I'm looking to gather insights from others on this topic. Thanks!

3 Answers

Answered By TechWiz88 On

We usually clean up vendor access when we lose trust in them. That’s when we know it’s time to review their access and take action.

UserTalks21 -

I understand that! But does it make finding and removing access easy, or is it often a manual process to track down users that need to be cut off?

Answered By AccessPro202 On

We grant access for a limited time only. For instance, when a vendor requires access, we provide them with a VPN account that has an expiry date. This way, even if we forget, the account will eventually expire automatically.

QuickFix259 -

That sounds like a smart method! Does this expiration system work well across all your platforms, or is it mainly for core systems like VPN and Active Directory? What about tools like Jira?

Answered By VendorGuard30 On

The approach really depends on the vendor, the purpose of their access, and the level of trust we have. Some vendors can only access certain areas under supervision, while others might have full access without oversight. For example, our network and firewall support partners have admin access to critical devices because they need it.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.