Naughty employees may download trojans/rootkits/etc, to their computer so that they or their haxor friends can access their pc late night and hack more servers in that network = (me being totally paranoid , expecting the un-expectable) heh.
Employees may mistakenly download and execute any virus/trojans targetted by your competitors or hackers/crackers for kicks to explore your network via that weak link. Social Engineering attacks via emails while the employee is on the network. Propogation of worms 'cause the initial mistake was done by an employee being tricked to execute the worm via email. etc etc etc. Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk --- "Innes Fisher" <[EMAIL PROTECTED]> wrote: >I have recently been asked to review our policy on allowing internal staff = >access to external we-based email services (eg Hotmail) from the corporate = >network. To date, we have prohibited access to any outside service, and req= >uire all inward/outward mail to be channelled through our secure mail serve= >r. > >I maintain that general access to such services creates unacceptable risk f= >or the business, but have been asked to justify this position.=20 > >I'm interested in comments from the list, and to hear the positions taken b= >y other organisations. If a considered position is in place, ie a deliberat= >e decision was made either way, I'd be interested in the basis for this. > >Thanks and regards, >Innes Fisher _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with [EMAIL PROTECTED] by Everyone.net http://www.everyone.net/?btn=tag
