Proxy
Proxies or no proxies? That is the question!?
Definitely proxies! I can go on and on about the risks of "open pathway" to the internet. But let us just put up this analogy:?
Water from the river you know for sure it is filth! If you were given a choice to filter or not filter. Would it make it difficult to answer? Let us me honest here, forget about freedom of information at work, this is not a possibility.??
All internet traffic at work needs to be filtered, logged and analyzed, no exception. Even HTTPS request needs analysis. Remember, this is a workplace, no need for confidential personal accesses on company assets! You may called a "MITM"(Man in the middle) proxy, I call security!?
...and don’t be cheap as well, buy your own proxy server, it is a good opportunity to classify as "CAPEX" and make the CFO happy!?
I strongly recommend you to read Guide to Secure Web Services (NIST SP800-95)* to understand more why this decision should be a no brainer for network and security engineers.?
For Security guys out there: Yes, if nobody cannot find the error, blame on the proxy right? It is always the proxy! Yes, we all know, CTO calls the proxy admin everyday, even though it is a lot of bullets to dodge on everyday BAU to have a proxy server, it is still safer. Just add proxy to your service desk IVR options so your CTO can shout at it!??
Source:?