>PS - How come nobody's come back with, "The most secure option is to
>not use OWA at all and make people check their e-mail from the office
>like human beings." ?

Even more restrictive: "Why not just completely disconnect from the
Internet, send all computers to the shredder, and install DNA
authentication equipment to get in the front door?" Because we as
professionals have to help our companies to balance the risks with
keeping the business open. My company has folks traveling the globe
work, sometimes sitting on other companies' networks for a few days, and
those companies may not allow VPN connectivity outbound, but do allow
These folks have no ability to "come into the office to check their

>If you apply that option to the risk valuation I use
>above, you get a sum of 0. Clearly better than the rest.

May not be better than the rest if the physical security at said office
is less than adequate. We all need to remember to weigh all the risks,
just the technology ones.

