Proxy

Proxy

N?o foi fornecido texto alternativo para esta imagem

Proxies or no proxies? That is the question!?

Definitely proxies! I can go on and on about the risks of "open pathway" to the internet. But let us just put up this analogy:?

Water from the river you know for sure it is filth! If you were given a choice to filter or not filter. Would it make it difficult to answer? Let us me honest here, forget about freedom of information at work, this is not a possibility.??

All internet traffic at work needs to be filtered, logged and analyzed, no exception. Even HTTPS request needs analysis. Remember, this is a workplace, no need for confidential personal accesses on company assets! You may called a "MITM"(Man in the middle) proxy, I call security!?

...and don’t be cheap as well, buy your own proxy server, it is a good opportunity to classify as "CAPEX" and make the CFO happy!?

I strongly recommend you to read Guide to Secure Web Services (NIST SP800-95)* to understand more why this decision should be a no brainer for network and security engineers.?

For Security guys out there: Yes, if nobody cannot find the error, blame on the proxy right? It is always the proxy! Yes, we all know, CTO calls the proxy admin everyday, even though it is a lot of bullets to dodge on everyday BAU to have a proxy server, it is still safer. Just add proxy to your service desk IVR options so your CTO can shout at it!??

Source:?

* https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-95.pdf?

要查看或添加评论,请登录

Vagner R.的更多文章

  • Log management

    Log management

    Why do we keep logs at all? It will not stop an incident, that is for sure! Logs are supposed to be reviewed, revisited…

  • BYOD

    BYOD

    "Bring your own disaster", it should be what it stands for! BYOD is never a good idea, we all want more freedom for…

  • Third Party provider

    Third Party provider

    As a grown issue, third party management is finally becoming priority in companies. In 2019, 44% of companies…

社区洞察

其他会员也浏览了