If you do not feel 100% comfortable with someone else entering your network, then don't do it.
Paul J Carroll Technical Manager 412.281.7488 -----Original Message----- From: Glenn English [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2003 1:00 PM To: [EMAIL PROTECTED] Subject: RE: Vendor wants remote control of our Servers and Workstations On Mon, 2003-03-10 at 07:45, John Brightwell wrote: > Personally I think allowing this level of access to an > internal system is a big risk. Bear in mind that if > this vendor uses the same method to support a number > of customers the vendor may be a choice subject to > attack (someone may break into their network to gain > access to a targetted customer network). So, even if > your company isn't a premium target you may still get > hit. > I'll be interested to hear other people's comments ... > more and more vendors are proposing this sort of > support access (they save a lot of time in dealing > with problems because they don't have to interact with > the customer - I'd say that they can also 'relax' the > quality requirements in recruiting engineers because > their deficiancy is less obvious to the customer when > there's little interaction). I'm but a newbie, but according to 'most everything I've read here and in books, this customer's request falls into the "don't be silly" category: giving that kind of access to your networks and servers just isn't done. Might it not be better to install a new machine, call the arrangement with them "co-location", and let them do anything with it they want? And then have them give *you* access to *their* machine? It is, of course, possible that I'm missing something here... -- Glenn English [EMAIL PROTECTED]
