Re: Worms, Air Gaps and Responsibility

["Paul D. Robertson" <paul () compuwar net>]

On Mon, 10 May 2004, Gwendolynn ferch Elydyr wrote:

> I'm generally amused by the extent to which people panic about mobile
> users - often while failing to take basic precautions about their internal
> users.

That's because a good portion of the recent worm infections were through
the "hibernating laptop" vector- or at least that's the theory amongst
those who needed to point a finger.

> Beyond that, I think it's not accurate to presume that most mobile users
> are satisfied with email and web access.  One of the recurring questions
> that we receive from our mobile users is "How can I access <foo>", where
> <foo> is typically a document store, or a customer-facing application,
> like a parts ordering database.

All too true, but *if* it brings in the thought of internal segmentation,
and internal firewalling, then I think it's a net benefit.

> Granted, you could probably work up a web interface for -everything-, but
> that's getting into a completely different headache [and it's still a
> pain to get documents edited...]

While I think that security by user class is a good step, I too think that
laptop user isn't a good user class.  However, I'd have no issues with
using it as one to start the process of internal network
comparmentalization.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul () compuwar net       which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards