Third-Party Access

Written Approval Required

Third-party users, including outsourcing organizations, business partners, contractors, and consultants, must obtain specific written approval from the IT Security Department Manager before accessing Bloomex internal systems via real-time computer connections.

Access Restrictions

• Third-party vendors are granted only inbound connection privileges based on a legitimate business need, as determined by the IT Systems Manager.
• These privileges are to be enabled only for the duration necessary to complete the approved tasks.
• For third-party access extending beyond one day, approval from the IT Security Department is required.

Only Public Information Posted

Employees must not place anything other than Bloomex public information in directories, servers, or locations where unknown parties might access it, unless prior approval has been obtained from the relevant information Owner.

Third-Party Security Requirements

• Third parties must secure their connected systems in alignment with Bloomex’s security requirements.
• Bloomex reserves the right to audit the security measures of third-party systems without prior notice.
• Bloomex also reserves the right to immediately terminate network connections with any third-party systems that fail to meet security requirements.

This policy ensures that third-party access to Bloomex systems is controlled, secure, and compliant with the company's standards.