|
|
The position we take at my site is summarized thus: If you can't trust your users, you can't trust your users. Reducing your VPN's functionality won't stop them from stealing trade secrets if they're sufficiently inclined to go that route -- they can do that even without a VPN if they really want to -- but it *will* interfere with their ability to conveniently get work done remotely, which is the whole point. We restrict VPN access to folks who have a good reason to have it -- part-time contractors are out, for instance -- and are extremely quick on the draw to revoke the certificates (and Kerberos principals) of outgoing personnel. Beyond that, we risk buying a false sense of security -- and paying for it with lost employee productivity. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-03/msg00020.html on line 188 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-03/msg00020.html on line 188 |