I was in discussion with a vendor to implement a backup solution and as flexible as most cloud applications nowadays, it needs to be access from anywhere on Internet without VPN or any special tunneling.
From high level perceptive, the solution has a web-ish application that client talks to and it needs to talk to a MS sql for some database/datastore operation. I am a little concerned to expose the application to Internet even just port 443/HTTPS as assured by the vendor rep. As traditional design, I could put the application into DMZ and leave SQL inside. I am still not 100% comfortable but I do not have a scenario in my mind to prove my concern.
I need your help convince me that it is not safe to expose web application to Internet even just port 443.
We need at least 10 more requests to produce the answer.
0 / 10 have requested this problem solution
The more requests, the faster the answer.
I was in discussion with a vendor to implement a backup solution and as flexible as...
The discussion: 150 -200 words. Auditing We know that computer security audits are important in business. However, let’s think about the types of audits that need to be performed and the frequency of these audits. Create a timeline that occurs during the fiscal year of audits that should occur and “who” should conduct the audits? Are they internal individuals, system administrators, internal accountants, external accountants, or others? Let me start you: (my timeline is wrong but you should use some...