That would be one way, but a lot of the problem is unplanned cross-access. It's (relatively) easy to isolate network permissions and access at a single location, but once you have multi-site configurations it gets more complex. Especially when you have companies out there that consider VPN a reasonable way to handle secure data transfer cross-connects with vendors or clients. On 10/07/2018 10:53 PM, Naslund, Steve wrote:
You just need to fire any contractor that allows a server with sensitive data out to an unknown address on the Internet. Security 101.
Steven Naslund
From: Eric Kuhnke <eric.kuhnke@gmail.com>
many contractors *do* have sensitive data on their networks with a gateway out to the public Internet.
-- Daniel Taylor VP Operations Vocal Laboratories, Inc. dtaylor@vocalabs.com http://www.vocalabs.com/ (612)235-5711