How do you control\restrict access for your remote vendors who need to access your network to perform maintenance or work on their applications?
Temporary vpn access?
Give them RDS access to the servers that they need to work on?
Currently we just enable their AD accounts and give them vpn access for the time they need, would like to hear what others do.
An easy way to do this is to create an outgoing rule on your firewall to allow access to sites such as webex and gotomeeting. This way you can keep them out of your AD plus it's easy to enable and disable rules.