I agree, I'm just reflecting on the reality... :(

On Sun, Feb 12, 2012 at 6:52 PM, Nico Williams <n...@cryptonector.com> wrote:
> On Sun, Feb 12, 2012 at 7:51 PM, Krassimir Tzvetanov
> <mailli...@krassi.biz> wrote:
>> Sorry, tough questions only... no answers :)
>
> Not really tough. A good policy is: don't allow personal use of the
> corporate network. No gmail. No yahoo. No employee-owned devices.
> No shopping. No nothing. Allow HTTPS only to white-listed sites
> (e.g., vendor software update services, a github or a sourceforge, if
> the company uses open source projects, and so on).
>
> Ten years ago that might have sounded draconian. Twenty-five years
> ago such a policy would have been unthinkable (user-owned network
> devices? Internet access? what are those things?). But now we have
> 3G and 4G everywhere. Employees can be connected to the Internet
> without going through their employers' networks. So why not apply
> such a policy? I think it's the best approach. In some cases
> employees may not be allowed even personal devices connected using
> public 3G/4G networks (think of sensitive military / research sites),
> and that would hardly be the end of the world.
>
> Nico
> --
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography