I want to join our organisation AD with a recently acquired company’s AD for federated access. What are the security risks I should consider?

As per the title. What risks and controls should I consider? Are there any questions I need to ask the external party AD before setting up the ‘Trust’ between the 2 ADs?

Is my domain controller at risk if I allow untrusted devices (partner) access to an app? [closed]

I would like to give a partner organisation and their users access to an app.
The users have been provided AD accounts from my organisation.
They will use their company devices (not assured) to access the app over the internet.
The user wi…

After creating an AWS user for S3 access with access key and secret key, how do I share these with the user?

I have a private S3 bucket. I want a user from an external organisation to have access.
I have added a user in IAM. How does this external user get notified and how do I share credentials?
The secret key, at a minimum, should not be shared…

How do you build in the capability to automate the ability to discover and apply security patches in your CI/CD pipeline?

Within a DevSecOps CI/CD pipeline, one of the best practices is to automatically discover and apply patches to vulnerable software prior to deployment.
Is it possible to check a CVE database, find patches, and then deploy? I want to build …

Would adding encryption to an MPLS provide additional protection for application access which is over TLS?

I have users at a remote site who access business applications via an MPLS. The applications use HTTPS (TLS). The MPLS connection that we have is non-encrypted. The data is sensitive.
Would adding encryption to the MPLS provide additional …

What can a malicious user do with a shared Android tablet on a corporate network connected to corp WiFi?

We are deploying Android tablets with a shared PIN for users in an office.
If the device was stolen or in the hands of a hacker, what can a hacker do on the network (realistically)?
Android does NOT have a command prompt so therefore would…

What are the risks of allowing general users to add printers to their company laptops?

I work for a company with a large user base. There is a requirement to allow users to add printers to their laptops e.g. when working from home.
What are the security risks?
Is there a way a bad actor can use a printer to hack the laptop?
Can a …