Modeblue

I am a strong beleiver in empowering the end user. The ideal is to give them enough support and freedom to enable them to do their job better and more effieciently & after all, that’s what IT is meant to be about. However, there are a few exceptions to that rule:The use of modern SSL VPN software is an extrememly high risk for corporate IT. It puts the responsibility of computer, software and malware management on the user, not the IT dept. Imagine the following scenario:

Jon is a senior sales exec, he uses a desktop in the office, and occasionally uses the SSL VPN from his home PC to catch up on email & update a few spreadsheets. One day Jon is out with friends when he gets a call from his boss & he needs to access a file, but isn’t able to get to the office. So Jon goes into an internet cafe, where he logs on to the VPN & edits the file.

Would you want that Administrator driven, multi user, unlocked PC accessing your network

What if Jon’s son was music crazy, and used his home PC everyday to download music via various P2P software?

What if Jon was using his friends mothers neighbours unpatched Windows ME machine?

I’m sure you get the idea, when you cant limit which machines have access, you cant protect the network.