3rd Party Application Support

We run a few key 3rd party software applications that periodically require the vendor to access our systems, via modem, for problem resolution or implementation support.

Upon review of our security policies, we realized that we do not have any requirement for the vendor to sign a confidentiality or non-disclosure agreement.

Any recommendations for the wording of such a document or other suggestions on the best way to protect ourselves.

Thanks for your input.