The New Requirement and Issue at Hand With an increase in IT cost cutting, and the development of more and more specialized technologies and services available to solve existing IT and unaddressed security issues, many organizations are making the choice to enlist the help of vendors and consultants who provide specialized solutions and services instead of relying solely upon internal resources. A new requirement has emerged as remote vendors require privileged access to the organization's infrastructure in order to fulfill their expectations. Since many companies have already invested heavily to provide remote access solutions (tokens, VPNs, etc) to their employees, they look to leverage existing solutions for their remote vendors.

This paper will focus on why not all access should be treated equally. Neglecting to treat Remote Vendor Access™ (RVA) differently from traditional remote access for employees can introduce security risks ranging from virus infection to unauthorized access and non-compliance.