> >When you have clients like Mohamed Ali, Hillary Clinton, etc, it's negligent >to expose know security risks to the business. > >And even if it' Joe Smith, it's the same issue. >
This is a sysadmin issue. If the accounting system is posted in a publically available area (ie. the web) then the security issues start with the individual making that decision. Nobody should have direct access to that system except under excetptionally strict and controlled circumstances. Best case scenario is that the accounting system is unplugged from the network, but this is not always possible. In any event, if it is not running under ssl, there is an obvious security issue. If it is publically available and unprotected, there is an obvious security issue. Systems can have all the vulnerabilites in the world, but they cannot be exploited it the sysadmin does his job correctly and with diligence. -- Keith Mastin BeechTree Information Technology Services Inc. 137 Laird Drive Toronto M4G 3V5 http://www.beechtree.ca (416)696-6070 Fax(416)696-6072 [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------- (un)subscribe: http://lists.sourceforge.net/lists/listinfo/sql-ledger-users Archive: http://www.mail-archive.com/[email protected]/
