Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Student workers & shared drive restrictions

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 1 Jun 2009 14:46:46 -0400
On Mon, 01 Jun 2009 14:01:17 EDT, Brad Judy said:

What about simply using the host firewall on the file server to only allow
connections from departmental machines?  This is the typical way to resolve
this issue and I've used it many times.


Works great, unless you have other shares that you *do* want accessible from
other non-departmental machines (consider the case where some shares are
accessible via VPN connections, for instance).

A related question would be:  What sort of misbehavior is the original poster
trying to prevent by only allowing access when they're using computers in the
department?  Hopefully those systems don't have any user-accessible USB ports
on them, or web or e-mail access, or any of the zillions of other ways they
could abscond with sensitive information while logged in on the departmental
computer...

(I'm not saying the original poster doesn't have a legitimate business need,
I'm just an idiot and not understanding the problem he's trying to solve yet).

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: