|
|
|
|
|
|
by raesene9
307 days ago
|
|
|
Everything in security is a tradeoff, and unfortunately compliance risks are real risks :D That said yep corps over-complicate things and given the number of 0-days in enterprise VPN providers, it could easily be argued that they add more risk than they mitigate. That's not to say a good VPN setup (or even allow-listing source IP address ranges) doesn't reduce exposure of otherwise Internet visible systems, reducing the likelihood of a mis-configuration or vulnerability being exploited... |
|
|