| ▲ | raesene9 6 days ago | |
Everything in security is a tradeoff, and unfortunately compliance risks are real risks :D That said yep corps over-complicate things and given the number of 0-days in enterprise VPN providers, it could easily be argued that they add more risk than they mitigate. That's not to say a good VPN setup (or even allow-listing source IP address ranges) doesn't reduce exposure of otherwise Internet visible systems, reducing the likelihood of a mis-configuration or vulnerability being exploited... | ||
| ▲ | 7952 6 days ago | parent [-] | |
Yeah agreed. And some of these products can be configured to be more specific in whitelisting users to particular service. But only if they are actually configured to do that. | ||