Third-Party Vendor Access

Overview

Third parties who access CSU information assets must be required to adhere to appropriate CSU and campus information security policies and standards. The CSU Information Security policy, which adheres to ISO 27002:2013, provides direction and support for managing third party relationships and guidance for granting access to third parties.

Are you eligible?

Current faculty and staff; system administrators in academic; and administrative departments can request vendor accounts.

Cost

There is no direct cost to you or your department.

Get Started

To request third-party vendor access or make changes to existing vendor account access, please see below for further instructions.

If a request is made for a new vendor account and vendor group, the SDSU Sponsor will create a ServiceNow ticket and provide the following information:

  • SDSU Sponsor Name
  • SDSU Sponsor Department
  • New Vendor Representative: First Name, Last Name, Email Address, Phone, and Company, Access End Date of Vendor Account
  • IP Addresses and Network Ports (e.g. 443 [HTTPS], 80 {HTTP], 3389 [RDP}, etc.) that the vendor will need access to
  • SDSU Sponsor Name
  • SDSU Sponsor Department
  • Description of Changes Requested
  • Existing Vendor Representative(s) to be deleted or
  • New Vendor Representative to be added (provide first name, last name, email address, phone, and company, access end date of vendor account)

If a request is made for updates to existing access requirements, the SDSU Sponsor will create a ServiceNow ticket and provide the following information:

  • SDSU Sponsor Name
  • SDSU Sponsor Department
  • Description of Changes Requested
  • Existing firewall rules to be deleted or
  • New firewall rules to add (provide IP addresses and ports)

Get Help

Submit a ServiceNow ticket. Access should only be activated on an as-needed basis and disabled when not in use.

Get Help

To request a service, create a ServiceNow Ticket and assign the ticket to “IT-ITSO-Help Desk”. Connect with us at [email protected] for security-related-questions, consulting, and incident reporting.

IT Security Office
Administration Building
[email protected]

Report an Incident

Please contact the Information Security team immediately if you experience or are aware of any of the following: