Timeline for Do I need to encrypt connections inside a corporate network?
Current License: CC BY-SA 4.0
12 events
when toggle format | what | by | license | comment | |
---|---|---|---|---|---|
Jul 2, 2018 at 19:53 | comment | added | le3th4x0rbot | @jjanes I think you are seriously overestimating how difficult it is to snoop traffic on an Ethernet broadcast domain. In your email example the lowest hanging fruit would be a sometimes non-encrypted SMTP connection through the LAN. Other than that the only attacks are snooping it over the internet, hacking gmail, or social engineering... | |
Jun 28, 2018 at 8:56 | comment | added | Jeremy French | There are some good answers, so I won't add one, but this picture sums it up pretty well "ssl added and removed here :)" blog.encrypt.me/assets/img/posts/2013/11/05/nsa_slide.jpg | |
Jun 26, 2018 at 13:26 | comment | added | jjanes | But how many of those internal "hacks" were done by MITMing an intranet http connection? Versus, say, forwarding an Excel spreadsheet from ones work address to ones gmail address? | |
Jun 24, 2018 at 18:01 | comment | added | Pharap | It's easy as long as you can trust an encryption library to be implemented properly and not have any bugs. Let's not forget the OpenSSL incident. Encryption is not easy, but using a 3rd party library generally is. | |
Jun 24, 2018 at 9:32 | comment | added | Willtech | Good advice. It is far to easy for an internal actor to sniff the network. | |
Jun 23, 2018 at 7:58 | comment | added | Out of Band | Besides being of practical importance, It's also solid security practice - defense in depth (without much cost). | |
Jun 22, 2018 at 15:44 | comment | added | WoJ | well, "~easy" in an internal network and easy on Internet (with Let's Encrypt). Beside that I fully agree and +1 for the sources. | |
Jun 22, 2018 at 12:10 | comment | added | Robert Cutajar | Thank you for backing the recommendation with real world numbers. That's exactly what I needed. | |
Jun 22, 2018 at 12:08 | vote | accept | Robert Cutajar | ||
Jun 21, 2018 at 23:38 | history | edited | Joe M | CC BY-SA 4.0 |
added 151 characters in body
|
Jun 21, 2018 at 15:24 | review | First posts | |||
Jun 21, 2018 at 15:30 | |||||
Jun 21, 2018 at 15:19 | history | answered | Joe M | CC BY-SA 4.0 |