See, we're still making payments on those servers


This healthcare software company's CEO also serves as Chief Information Security Officer -- and has very definite ideas about how to do security, reports a pilot fish on the scene.

"All remote access is via Remote Desktop Protocol using a set of terminal servers as jump boxes," fish says. "The process is slow, prone to dropping sessions and not especially secure.

"After six years of the entire IT staff -- and all of the users -- making their case and pleading for a better solution, the CEO/CISO finally agrees to permit the use of a very secure VPN solution for which every inbound connection requires two-factor authentication and a full inspection of the remote laptop, including checking that it is a member of the corporate Active Directory domain.

"There is, however, one condition: The VPN connection allows access only to the same old RDP terminal servers -- and to nothing else."

Connect with Sharky. Send me your true tale of IT life at You'll get a stylish Shark shirt if I use it. Add your comments below, and read some great old tales in the Sharkives.

Get your daily dose of out-takes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.

The march toward exascale computers
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies