Third Party System Access Agreement

All extranet links or access to network resources must be accompanied by a valid business justification approved by the third party and by the KDCC contractor or the legitimate agent. Typically, this function is performed under the third-party contract. All new Extranet connectivity goes through a security check with the Office of IT Manager. The purpose of the audits is to ensure that each access best meets commercial requirements and that the principle of least access is respected. All network connections and resources that require access to non-public resources are covered by this directive, regardless of the technology used for the connection. Connecting to third parties, such as internet service providers (Internet service providers, ISPs), which provide access to the internet for XXX or the public telephone network, is NOT a matter of this directive. If access is no longer required, the sponsor must inform the IT manager in XXX, which ends access. This may mean changing existing permissions until the end of the circuit. IT security teams must check their respective connections each year to ensure that all existing connections remain necessary and that the access provided meets the requirements of the connection.

Links that have been established to be obsolete and/or are no longer used for commercial transactions or other authorized business transactions are immediately terminated. If a security incident or finding that a circuit is obsolete and is no longer used to conduct commercial transactions or other authorized business transactions requires a change in existing authorizations or a termination of connectivity, the IT manager will notify the POC of the contracting authority to sponsor the change before any action. This document describes the policy under which third parties or organizations link to or access network resources on XXX networks for transactions related to KDCC or other authorized business transactions. All contracting powers that wish to implement connectivity or access to network resources for a third party must submit an Extranet connectivity request to it Manager, signed by a „third party agreement“ signed by the third party, organization or legitimate agent. The IT manager will then task the third party to solve the security problems inherent in the project. The sponsorship contract authority must provide, as it wishes, comprehensive and comprehensive information on the nature of the access offered to the information technology manager.

Kontaktujte mě
Zpět na začátek