Re: [fw-wiz] Worms, Air Gaps and Responsibility

From: Paul D. Robertson (
Date: 05/10/04

  • Next message: Kelly, Chris W.: "RE: [fw-wiz] Worms, Wireless"
    To: Gwendolynn ferch Elydyr <>
    Date: Mon, 10 May 2004 11:12:33 -0400 (EDT)

    On Mon, 10 May 2004, Gwendolynn ferch Elydyr wrote:

    > I'm generally amused by the extent to which people panic about mobile
    > users - often while failing to take basic precautions about their internal
    > users.

    That's because a good portion of the recent worm infections were through
    the "hibernating laptop" vector- or at least that's the theory amongst
    those who needed to point a finger.

    > Beyond that, I think it's not accurate to presume that most mobile users
    > are satisfied with email and web access. One of the recurring questions
    > that we receive from our mobile users is "How can I access <foo>", where
    > <foo> is typically a document store, or a customer-facing application,
    > like a parts ordering database.

    All too true, but *if* it brings in the thought of internal segmentation,
    and internal firewalling, then I think it's a net benefit.

    > Granted, you could probably work up a web interface for -everything-, but
    > that's getting into a completely different headache [and it's still a
    > pain to get documents edited...]

    While I think that security by user class is a good step, I too think that
    laptop user isn't a good user class. However, I'd have no issues with
    using it as one to start the process of internal network

    Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact." Director of Risk Assessment TruSecure Corporation
    firewall-wizards mailing list

  • Next message: Kelly, Chris W.: "RE: [fw-wiz] Worms, Wireless"