Elliotte Harold wrote:
James Holderness wrote:
Ok, so let's say I have an internal company wiki that's editable using
APP. The wiki is hosted on our internal network and everyone accessing
the wiki is on the internal network too. Everything behind a firewall.
Hell, maybe we aren't even connected to the internet at all. The wiki
uses basic auth for identification. Why is it that we MUST use a
secure connection.
Disgruntled employees.
Employee != IP address. Otherwise I'm lost as to how an ssl connection
helps you.
Rogue wifi access points.
can be better secured about 3 layers down from us.
Crackers posing as janitors.
Can be secured at the machine.
Visiting salespeople.
See wifi point, see janitor point.
Interns with too much time on their
hands. etc.
You've hired the wrong interns, hired too many, or both.
We're not here to solve corporate security/hiring policies, or the lack
thereof.
cheers
Bill
