Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: PIX -> ISA -> OWA Configuration

From: "Behm, Jeffrey L." <BehmJL () bvsg com>
Date: Fri, 6 May 2005 09:00:45 -0500
On Thursday, May 05, 2005 2:21 PM, Paul Melson spake:


PS - How come nobody's come back with, "The most secure option is to

not use

OWA at all and make people check their e-mail from the office like

normal

human beings." ?

Even more restrictive: "Why not just completely disconnect from the 
Internet, send all computers to the shredder, and install DNA
authentication equipment to get in the front door?" Because we as
security
professionals have to help our companies to balance the risks with
keeping the business open. My company has folks traveling the globe
doing
work, sometimes sitting on other company's networks for a few days, and 
those companies may not allow VPN connectivity outbound, but do allow
HTTPS.
These folks have no ability to "come into the office to check their
email."



If you apply that option to the risk valuation I use
above, you get a sum of 0.  Clearly better than the rest.

May not be better than the rest if the physical security at said office
is less than adequate. We all need to remember to weigh all the risks,
not
just the technology ones.

Jeff
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: