|
|
|
|
|
|
by lwf
2448 days ago
|
|
|
I agree — band-aids aren't per-se a bad thing. However, a VPN isn't the ideal end state. Even if you can't modify the underlying application, the goal should be "wrap in a reverse-proxy that handles authn / some-amount-of-authz so you can minimise the risk". VPNs handle network security, but don't protect you against an attacker able to compromise an endpoint in your corporate environment. |
|
|