Prerequisites
If a user requires the installation of non-standard software, please escalate the ticket to InfoSec queue with the following information. Without this information it will not be considered a valid request.
- What user(s) require this software
- How long they will require this software for
- What is the purpose of this software
- Any documentation submitted by vendor (if any)
- Formal privacy information for the software
Based on the information provided, the security analysts agree and make a determination on whether or not the software will be applicable in our environment.
Decision Factors
Factors as to if a software will be approved or not will be based on criteria such as:
- What type of application/software it is (such as local or extension)
- If it is a cloud based solution
- Where the data is being stored
- Will the application/software require privileges
- Is the application/software source compliant to Maddocks' policies.
- Is the source of the application/software from a non-sanctioned country
Next Steps
Please note that it is highly discouraged to install any unsanctioned software using an administrative account and any non-standard software should go through the official CAB process to ensure correct configuration of the software (ivanti, netskope, etc).
This will not be handled by the InfoSec team.