See, we're still making payments on those servers

This healthcare software company's CEO also serves as Chief Information Security Officer -- and has very definite ideas about how to do security, reports a pilot fish on the scene.

"All remote access is via Remote Desktop Protocol using a set of terminal servers as jump boxes," fish says. "The process is slow, prone to dropping sessions and not especially secure.

"After six years of the entire IT staff -- and all of the users -- making their case and pleading for a better solution, the CEO/CISO finally agrees to permit the use of a very secure VPN solution for which every inbound connection requires two-factor authentication and a full inspection of the remote laptop, including checking that it is a member of the corporate Active Directory domain.

"There is, however, one condition: The VPN connection allows access only to the same old RDP terminal servers -- and to nothing else."

Connect with Sharky. Send me your true tale of IT life at You'll get a stylish Shark shirt if I use it. Add your comments below, and read some great old tales in the Sharkives.

Get your daily dose of out-takes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.


Copyright © 2015 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon