logoalt Hacker News

hugo1789yesterday at 6:50 PM2 repliesview on HN

What’s the alternative—locking down all legitimate users and still losing the data anyway?

Network controls alone don’t stop exfiltration. HDMI/DP can move data faster than most consumer NICs. Does the system account for that scenario?

Replies

wkat4242today at 6:18 AM

It's a matter of layers. Banning VPNs isn't a perfect measure. But it makes it a lot easier than when you let everyone cowboy around.

Same with RBAC. It's not perfect because some people need legit access to stuff and it can be abused. But it makes it much harder for bad actors.

panarkytoday at 7:18 AM

> Network controls alone don’t stop exfiltration.

Stop signs alone don't stop all traffic accidents.