On 13/10/10 09:38, Robert Bronsdon wrote:
On Tue, 12 Oct 2010 20:26:30 +0100, John Cooper
<[email protected]> wrote:
A very secure internal network can still be snooped by a very secure
network employee and find your passwords! It really is bad practice/lazy.
Depending on the size of the company (there are limits to this view) but
if you can't trust your employees (or your workplace breeds unsatisfied
employees who want to harm you) then you've got bigger problems than the
access keys to one door.
As I say, there are limits here, I can't imagine is some bright black
hatter got a job on the till in Lidl they'd feel 100% utilised.
FTP and telnet should not be used anywhere these days. They were not
built with security in mind. People use them because they are used to
them which is no excuse even in so called "secure" environments. SFTP,
SCP and SSH are not difficult to use/setup in basic use, they encrypt
the traffic and you know you are accessing the same server each time
(like a digital certificate on a HTTPS site). You cannot "trust" every
employee and it is far better not to give them the option of snooping
your passwords or file information in the first place.
John.
--
--------------------------------------------------------------
Discover Linux - Open Source Solutions to Business and Schools
http://discoverlinux.co.uk
--------------------------------------------------------------
--
Next meeting: Crown Hotel, Blandford Forum, Tuesday 2010-11-02 20:00
Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/
How to Report Bugs Effectively: http://goo.gl/4Xue
