Firewall Wizards mailing list archives
Re: Firewall(s) "maxed" out
From: "Steven M. Bellovin" <smb () research att com>
Date: Mon, 18 Oct 1999 15:46:16 -0400
In message <3.0.3.32.19991017232841.0093d5d0 () pop sprynet com>, JSK writes:
I'll be the first to say I've not looked at this 'visto' till just now, and I only took a peek at it. I can't figure much about them from their web site, but I would have a REAL SERIOUS CONCERN with users having their (sometimes sensitive) company e-mail sent to an outside location, where it can be hacked/read/snooped/sniffed (blah blah) by anyone.
Yup, absolutely right.
And if you use technical mechanisms to bar use of visto, people who need (or
think they need) that sort of functionality will just forward their mail to
hotmail or yahoo or any of the other free mail services.
There are really only two choices: either persuade your users that *they*
don't want to do this, because *they* understand the security risks, or find a
mechanism that provides the necessary functionality as securely as possible.
You can't ban everything; some things, you have to manage. I'll quote Ranum's
Law: "You can't solve social problems with software".
Btw, what is your corporate policy on discussing sensitive business matters via cell phones?
--Steve Bellovin
Current thread:
- Firewall(s) "maxed" out Regan, Sharon (Oct 12)
- Re: Firewall(s) "maxed" out Joseph S D Yao (Oct 12)
- Re: Firewall(s) "maxed" out Johann G. Hautzinger (Oct 16)
- <Possible follow-ups>
- RE: Firewall(s) "maxed" out Regan, Sharon (Oct 16)
- RE: Firewall(s) "maxed" out JSK (Oct 18)
- Re: Firewall(s) "maxed" out Steven M. Bellovin (Oct 18)
- Re: Firewall(s) "maxed" out Joseph S D Yao (Oct 12)