The Trump administration's assault on journalism and federal workers escalates as Social Security Administration employees are banned from accessing news sites.
It’s not an IT fix for HR problem. It’s literally just a best practice in IT security and has absolutely nothing to do with people. It’s a priciple of least required access. It’s not just for website filters, it applies to all aspects of security. In this case, it’s to prevent fishy websites being visited by accident - for example your finger slips and you misspell a company website address and all of a sudden it redirects you to a phishing version of Microsoft SSO login portal you always use to sign in to work. You didn’t notice it and you input credentials compromising your system.
These websites are rampant, constantly finding new ways to social engineer ways for people to accidentally visit them and can’t be added to a filter as fast as they pop up. That’s why you block by default. It’s a lot easier to make a list of websites required for your work than to exclude every potentially harmful website that’s getting generated magnitudes faster than any internal company portal.
This is a very simple example of applying the “least privilege” security principle. It’s akin to you not leaving your front door open and unlocked just in case one of your friends drops by, but instead giving the friend a set of keys and locking your door.
I should note that I don’t think that’s what musk is doing to our government but since you seemed to have misunderstood what the security principle is actually meant for I wanted to add some context.
It’s internet my man. As long as it doesn’t break AUP, we pay zScaler a lot of money to allow people to go to News sites and block phishing, known baddies, new domains, and unknown sites.
It’s not an IT fix for HR problem. It’s literally just a best practice in IT security and has absolutely nothing to do with people. It’s a priciple of least required access. It’s not just for website filters, it applies to all aspects of security. In this case, it’s to prevent fishy websites being visited by accident - for example your finger slips and you misspell a company website address and all of a sudden it redirects you to a phishing version of Microsoft SSO login portal you always use to sign in to work. You didn’t notice it and you input credentials compromising your system.
These websites are rampant, constantly finding new ways to social engineer ways for people to accidentally visit them and can’t be added to a filter as fast as they pop up. That’s why you block by default. It’s a lot easier to make a list of websites required for your work than to exclude every potentially harmful website that’s getting generated magnitudes faster than any internal company portal.
This is a very simple example of applying the “least privilege” security principle. It’s akin to you not leaving your front door open and unlocked just in case one of your friends drops by, but instead giving the friend a set of keys and locking your door.
I should note that I don’t think that’s what musk is doing to our government but since you seemed to have misunderstood what the security principle is actually meant for I wanted to add some context.
But that’s what blocking newly registered domains and unknown domains are for.
Most webfilters have boxes to block those. Usually much higher up than News sites.
Wow lot of tech illiterate people in this thread. Jesus Christ what a waste of time
I kind of wonder where people work that IT doesn’t block a handful of legitimate sites.
It’s internet my man. As long as it doesn’t break AUP, we pay zScaler a lot of money to allow people to go to News sites and block phishing, known baddies, new domains, and unknown sites.