I am concerned with one of my vendors accessing our network. I have them using an SSL VPN client to connect. However, they have shown a lack of concern for security in the past. Not updating there applications, using old versions of Java/Oracle. Not having antivirus software installed or updated. In talking with one of there technician they stated that they would not be upgrading from Windows XP. I really don't want them to connect to my network with Windows XP after April 8th (XP retirement). Does anyone have a remote access policy that they are using for offsite vendors? I am looking for something that would state that they need to have a supported operating system, updated antivirus, updated 3rd party applications. Any help would be appreciated.
Thank you!