How The Travel Policy Works.
The purpose of this documentation is to show the process flow and necessary information on how to manage Overseas travel requests. The main change is that no Maddocks resources will be accessible outside of Australia due to new Conditional Access policies, and to access the Maddocks environment will require different levels of approval which is outlined below.
1. Initially, a staff member will notify Helpdesk of their overseas travel via ticket.
2. If the user ONLY wants international roaming on their mobile for Calls/Texts (not accessing company resources). Please use this guide: DOP - International Roaming Travel Packs | Knowledge Base | Helpdesk
3. If the user does intend on accessing company resources, Help desk will then gather information based on the tables below. This can then be supplied to General Counsel for approval (if applicable).
4. Send information to General Counsel via email.
5. Notify user once approved or denied.
6. Apply PIM to account for specified dates.
7. Close ticket.
Determining Required Approval.
The below table shows that if a user wishes to travel to restricted countries, they may need approval from General Counsel. Follow the table from left to right, which will dictate if General Counsel approval is required.
If approval is required, the below form will need to be supplied to General Counsel ([email protected], [email protected] & [email protected]) and will be approved, or denied at their discretion.
| Travel Countries | Commonwealth Matters |
Approval Required |
| Restricted (Russia, Ukraine, Syria, Iran, North Korea, USA, China) | Always Required | Yes |
| All countries excluding restricted |
Yes | Yes |
| All countries excluding restricted |
No |
No |
Required Information for General Counsel.
This data will need to be supplied to General Counsel in an email. If the application is approved, apply the PIM to the user with dates set to expire and close ticket.
| Item | Information |
| Staff Member's Name | |
| Travel Countries | |
| Travel Dates |
|
|
Do they work on Commonwealth matters? |
|
|
Phone number for support during your travel |
How to apply PIM to user account
1. Azure
a) From BeyondTrust, open Azure.
b) In the search bar, locate: - Please note, that if a user is traveling to multiple countries that include both restricted and non-restricted, if approved they will need to be added to BOTH groups below.
Maddocks - CA - SignIn Exempt - Travel Overseas (for non-restricted countries and USA specifically - USA does still require approval, but goes in this group.)
Maddocks - CA - SignIn Exempt - Travel Blocked Country (for restricted countries, approval required)
c) Within the group, find "Privileged Identity Management" under "activity" (otherwise known as PIM)
2. PIM
a) Within PIM, select "Add assignments"
b) In the "Select Role" drop-down menu, set as Member
c) Search for members within the 'select members' link
d) Set as 'active' and input the required timeframe (check dates AND times - departure time should be 12:30am and arrival time should 11:30pm)
e) Add in ticket number within the justification
Extensions.
If an extension is required, this must be noted in the ticket, and if required sent through to General Counsel ([email protected], [email protected] & [email protected]) again for approval. The specified date for PIM group should be set to the new date of return.