|
|
|
|
|
|
by click170
4038 days ago
|
|
|
I humbly submit you haven't seen an environment that was high security. There's two general ways to treat Internet traffic, whitelisting and blacklisting. Many companies will simply use blacklists. These are easy to bypass as you are well aware. I have seen more than one environment that was whitelist based, no machine can access any other machine that isn't required for it to do it's job. Anyone needing to override a block enters a username, password, and reason, if they have the authority to do so, which leaves an audit trail. Security and convenience is often a trade off, you do a risk assessment to determine if it's worth the risk to you and your company. For many people and companies, it's not, so they blacklist. |
|
|