VPN Access for Consultants
From: Louis Cypher (louisecypher_at_hotmail.com)
Date: 11/21/03
- Previous message: John Cole: "Prebuilt Bootable ISO for wireless assessment?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com Date: Fri, 21 Nov 2003 05:01:35 -0700
I totally agree with you Jenn. How long are they going to be there? Once
and if you allow this, who knows what there network is like, I do not allow
unknown networks access to my networks. I will not and cannot controll and
monitor what is coming acrosss the line. Better safe than sorry. Never
assume and trust no one, it can save you a lot of headaches. ; )
>-----Original Message-----
>From: Alessandro [mailto:a.bottonelli@infinito.it]
>Sent: Thursday, November 20, 2003 1:16 PM
>To: security-basics@securityfocus.com
>Cc: Jennifer Fountain
>Subject: Re: VPN Access for Consultants
>
>
>On Thursday 20 November 2003 00:28, Jennifer Fountain wrote:
> > They
> > proceeded to look at me like I had six heads and act like I was the only
> > security admin that wouldn't allow this. What is the general consensus
> > on this type of activity? What policies do you have implemented? Do
> > you allow it if the remote network was confirmed to be secure?
> >
>Oh well, it much depends on what kind of data / information your external
>consultants work on. Does your policy have a classification criteria, if so
>what does it say about, for the sake of example, the remote access of
>confidential information? Do not forget, then, that once they unplug their
>laptops they may have recorded YOUR data on their hard disks and can roam
>happily on planes, trains and anywhere with YOUR data (and laptops are easy
>to forget somewhere or to be stolen anyway).
>
>I would be personally more concerned with administrative countermeasures
>than
>trying to technically assess their networks security (for example there may
>be a clause in their contracts about (not) storing your data locally or
>about
>what kind of measures you ask them to take if they do).
>
>Besides, if the tunnel is crypted (efficiently) end-to-end (or laptop to
>your
>border-router) what do you care what networks they traverse in the process?
>
>--
>Alessandro Bottonelli
>CISSP, BS7799 Lead Auditor
>www.axis-net.it
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
_________________________________________________________________
Has one of the new viruses infected your computer? Find out with a FREE
online computer virus scan from McAfee. Take the FreeScan now!
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: John Cole: "Prebuilt Bootable ISO for wireless assessment?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
