On 2024-02-12 23:55, Ron / BCLUG via talk wrote:
[snip]
This is a risk unaware Microsoft centric answer.
It's a "Why are there incoming connections to our network?!? And what
is their purpose? And where do they end up? Who is controlling them?"
issue.
Imagine being in charge of a large network and seeing countless
connections to end points inside the network and having no idea what
they're doing - that *should* scare any IT / network admin.
You are right.
There is a lot to be said for a single point of control.
Complaints about using a VPN make me think of the times when I have had
use VPNs that forced me to have a separate windows PC.
Its less of a problem now because more and more places have VPNs that
have Linux clients but that was not always the case, and I found the VPN
support in organizations that were that windows centric, terrible.
I did have one client a couple of years ago who could not get the linux
client for their VPN to work and eventually I had to bounce through 2
web based console apps to get access.
I was allowed to setup an SSH back link to my network where I could then
sign into the systems.
And this is not just a government issue its a big company based issue.
Yup, agreed 100%.
My personal belief is that companies believe that if they pay for the
service then they have someone they can sue if things go wrong.
Look at the recent set of remote access and data migration products
that have had VERY large corporate and government customers and big
security breaches.
And suing after the fact accomplishes pretty much nothing. Data is
"gone", reputation is ruined, time is wasted recovering, etc.
The desire to feel that you have someone you can hold accountable has
just about 0 correlation with the actual ability to hold them accountable.
It's more like, "here's a product we trust to manage incoming
connections, and if everyone's using this then we can control our
network much better".
Whether the trust is misplaced or not in any specific product, the
idea is valid.
There was once a saying.
"Nobody ever got fired for buying IBM".
I think that moved to Cisco some years ago and now I think it can be
used with AWS.
[snip]
--
Alvin Starr || land: (647)478-6285
Netvel Inc. || Cell: (416)806-0133
[email protected] ||
---
Post to this mailing list [email protected]
Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
