> -----Original Message----- > From: Sinha, Amitabh (Amit) [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 09, 2002 11:21 AM > To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] > Cc: jon kintner; Rick Darsey; > [EMAIL PROTECTED]; > [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Providing Visitor Access > > > This brings up some interesting questions. > > Would there be any legal issue with allowing open access from > within your company (for this restrictive network)?
Absolutely. Anything done within your network you can potentially be held liable for. Harrassment, stalking, porn, hacking, spam, etc. It's a due diligence thing and many companies, especially those under Grahm,m Leach Bliley and HIPAA have serious responsibilties and consequences. Also, there are some potential new issues regrading liability for Wireless networks, whether privately or publicly available (incl. the home users). There was an article in Wired yesterday on that. Is web > type access going through a proxy that is filtering? (Could > the company be liable if something illegal is done from the > company owned IP space (child porn etc.)? Absolutely. Child porn is a felony period - any instance must be reported to LEO. Regular porn can set up an environment of sexual harrassment and leave you open to lawsuits from your own employees,etc.. You are responsible for your users actions to some extent. This depends on due diligence, security measures in place, etc....but it comes down to what a jury thinks in a civil case. I wouldn't want to take it that far, especially when you will probably lose or settle and either would cost a bundle. Prevention is best. Now think also about if someone takes your confidential, say medical info, files and send them out on the Internet....how liable do you think you would be and what kind of award do you tink the jury would give out??? Unrestricted Internet access is NOT due diligence. Any due diligence > issues?? OR if a visitors information is stolen from the > Internet while they were connected from this unrestricted vlan?) Unrestricted anything is not a wise policy. Why do users need unrestricted Internet access? So they can check their personal e-mail, download music (copyright violations), surf, shop, waste time, money and bandwidth, gamble, chat??? Users should be restricte to AUTHORIZED websites that are for BUSINESS USE only. Use something like surfcontrol or websense to monitor and restrict internet access. > > Are more and more companies providing this type of > unrestricted access to their visitors? Absolutely not! Companies are restricting visitors access!! Why would you give a visitor access to your network and your Internet access? You don't know them, you haven't background checked them. You shouldn't allow most of your own employees this unrestricted access so why grant it to a stranger. How do you know thisperson isn't stealing confidential info, installing unauthorized software, etc.? More companies are realizing they are liable and are restricting access across the board, not opening it up. How are others doing > this? Is there an industry standard or a general practice ... > > Thanks, > Amit > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 05, 2002 10:25 PM > To: [EMAIL PROTECTED] > Cc: jon kintner; Rick Darsey; [EMAIL PROTECTED]; > [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: Preventing DHCP from allocating IPs > > > > We are dealing with this right now. We are creating an > "area" on each floor that visitors can use. The ethernet > ports in these areas will be using a private vlan that > provides IP connectivity and Internet access only. These > areas are ACL'ed off from our enterprise network. It is not > perfect, but since we have good physical security and all > other ports on the switch are disabled by default, it allows > our vendors to use our network as a transport service only. > I hope this helps a little. > > Chris Tillett > > > > ********************************************************************** This message is a PRIVILEGED AND CONFIDENTIAL communication, and is intended only for the individual(s) named herein or others specifically authorized to receive the communication. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender of the error immediately, do not read or use the communication in any manner, destroy all copies, and delete it from your system if the communication was sent via email. **********************************************************************