Re: [fw-wiz] Worms, Air Gaps and Responsibility

From: Paul D. Robertson (paul_at_compuwar.net)
Date: 05/10/04

  • Next message: Kelly, Chris W.: "RE: [fw-wiz] Worms, Wireless"
    To: Gwendolynn ferch Elydyr <gwen@reptiles.org>
    Date: Mon, 10 May 2004 11:12:33 -0400 (EDT)
    
    

    On Mon, 10 May 2004, Gwendolynn ferch Elydyr wrote:

    > I'm generally amused by the extent to which people panic about mobile
    > users - often while failing to take basic precautions about their internal
    > users.

    That's because a good portion of the recent worm infections were through
    the "hibernating laptop" vector- or at least that's the theory amongst
    those who needed to point a finger.

    > Beyond that, I think it's not accurate to presume that most mobile users
    > are satisfied with email and web access. One of the recurring questions
    > that we receive from our mobile users is "How can I access <foo>", where
    > <foo> is typically a document store, or a customer-facing application,
    > like a parts ordering database.

    All too true, but *if* it brings in the thought of internal segmentation,
    and internal firewalling, then I think it's a net benefit.

    > Granted, you could probably work up a web interface for -everything-, but
    > that's getting into a completely different headache [and it's still a
    > pain to get documents edited...]

    While I think that security by user class is a good step, I too think that
    laptop user isn't a good user class. However, I'd have no issues with
    using it as one to start the process of internal network
    comparmentalization.

    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson "My statements in this message are personal opinions
    paul@compuwar.net which may have no basis whatsoever in fact."
    probertson@trusecure.com Director of Risk Assessment TruSecure Corporation
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Kelly, Chris W.: "RE: [fw-wiz] Worms, Wireless"