|
|
On Tuesday 01 March 2005 16:50, Scott Merrill wrote:
> it, while simultaneously protecting our trade secrets. The fear is
> that a user will take their system (desktop or laptop) into a
> competitor, connect via VPN, and show them a lot of stuff we'd prefer
> they not see.
>
> How are others mitigating this concern? The best we've been able to
I'll do a late jump on the bandwagon here and say this is a political
issue. Don't give ANY user access to ANY data or service you cannot
trust him to manage safely.
Build trust with the staff, or build a new staff.
> come up with so far is to provide static IPs to our remote users, and
> restrict incoming VPN connections to those static IPs.
And what if they invite the competitor over to THEIR office? Or what if
they make a dual-hop tunnel from competitor through the remote into the
home office?
> I'd love to hear how others have tackled this.
I don't see any technical solution at all. Use political / human
measures to address these issues.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|