This healthcare software company's CEO also serves as Chief Information Security Officer -- and has very definite ideas about how to do security, reports a pilot fish on the scene.
"All remote access is via Remote Desktop Protocol using a set of terminal servers as jump boxes," fish says. "The process is slow, prone to dropping sessions and not especially secure.
"After six years of the entire IT staff -- and all of the users -- making their case and pleading for a better solution, the CEO/CISO finally agrees to permit the use of a very secure VPN solution for which every inbound connection requires two-factor authentication and a full inspection of the remote laptop, including checking that it is a member of the corporate Active Directory domain.
"There is, however, one condition: The VPN connection allows access only to the same old RDP terminal servers -- and to nothing else."
Connect with Sharky. Send me your true tale of IT life at email@example.com. You'll get a stylish Shark shirt if I use it. Add your comments below, and read some great old tales in the Sharkives.
Get your daily dose of out-takes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.