Security Basics mailing list archives
Re: Wireless Guest Access
From: rohnskii () gmail com
Date: 14 Dec 2007 00:48:17 -0000
<snip) However, they give the same id and password to a bunch of consultants and only change it every 30 days. </snip} I'll leave the technical points to others, but will comment on the ID/Password situation. You have security concerns, yet you allow userid sharing? In this situation I would think that at the very least you would require unique userid's so you can track individual contractor access. And for these ID's you should enforce a rule disallowing multiple connections per ID. As well, you should be logging and tracking access by these id's even more closely than you do your internal employees. Don't you want/NEED to know specifically what files/folders these outsiders are accessing and what they are doing to them (Create,Read,Update,Delete)?
Current thread:
- Wireless Guest Access roberticoles (Dec 13)
- Re: Wireless Guest Access Wade Mackey (Dec 14)
- <Possible follow-ups>
- Re: Wireless Guest Access rohnskii (Dec 14)