RE: Secure Intranet?

["Dozal, Tim" <tdozal () cisco com>]

My 2c

Use a VPN with some type of RSA or rotating DEC key as the login
password for the users.

A tool like this can be used to generate the user passwords at each
login:
http://www.emj.com/specs/secure.prods/safeword.html

Tim



-----Original Message-----
From: Nathan [mailto:nathan.grandbois () cerdant com] 
Sent: Friday, November 01, 2002 11:21 AM
To: 'Alan Cooper'; security-basics () security-focus com
Subject: RE: Secure Intranet?


I would go with VPN's. Depending on the number of execs and how much you
trust them (if only a few with high trust I'd use a preshared secret
with the VPN) otherwise look into VPN with certificates.

My 2 cents,
        nathan



-----Original Message-----
From: Alan Cooper [mailto:imalcooper () yahoo com]
Sent: Thursday, October 31, 2002 10:45 PM
To: security-basics () security-focus com
Subject: Secure Intranet?


I have client that would like to have its confidential
data (medical records) available to traveling
executives.

What is the most secure way to set this up?  Secure
web site using private certificates?  Go with VPN's?
Tell the client forget the idea because there is no
good way to secure confidential data exposed to the
Internet?

Suggestions...

Thanks for your help.

Al Cooper


__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/