There's a couple of things you can do to help restrict the use of the application to a specific office location and specific devices, although as other answers point out none of them are absolute protection.

Set up a firewall in front of the application to restrict the IP addresses allowed to access the application to the client's external IP address range. Most companies will have static IP addresses on their Internet-facing routers, and if you set the application only to be accessible by those IP addresses it would be harder for an unauthorised person to get access to it unless he is in their office. TBH this sounds like the approach that will work best for your customer's requirement.

You could also use client certificates on authorised devices. As points out it may be possible to move those to another machine, but that would require the attacker to either be a staff member or to have unauthorised access to one of their systems. Perhaps as a detective control you could combine this with browser fingerprinting (e.g. Create a list of devices and their fingerprint, then if the client cert is used on a device which doesn't match the fingerprint you can block it.

As I say these aren't absolutes, but then nothing in security is.
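The three checks described above (office IP range, enrolled client certificate, device fingerprint matching the certificate) can be combined into one access decision. The following is an added example, not code from the original post; the network range, fingerprint strings and the `evaluate_request` function are constructed for illustration.

```python
import ipaddress

# Constructed sample data: a documentation IP range and made-up fingerprints.
OFFICE_NETWORKS = [ipaddress.ip_network("203.0.113.0/28")]

# Client-certificate fingerprint -> device/browser fingerprint recorded at enrolment.
ENROLLED_DEVICES = {
    "cert-fp-laptop-01": "device-fp-aaa111",
    "cert-fp-desktop-02": "device-fp-bbb222",
}


def evaluate_request(source_ip, cert_fingerprint, device_fingerprint):
    """Return (decision, reason) for one request.

    source_ip must be the TCP peer address seen by the firewall or
    reverse proxy, never a value taken from a client-supplied header.
    """
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return ("deny", "unparseable source address")

    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; unwrap them
    # so they are compared against the IPv4 office range.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped

    if not any(addr in net for net in OFFICE_NETWORKS):
        return ("deny", "source address outside office range")

    expected_device = ENROLLED_DEVICES.get(cert_fingerprint)
    if expected_device is None:
        return ("deny", "client certificate not enrolled")

    # Detective control: a valid certificate on a device whose fingerprint
    # differs from the enrolled one suggests the certificate was moved.
    if device_fingerprint != expected_device:
        return ("block", "certificate used on a device that does not match")

    return ("allow", "address, certificate and device all match")


if __name__ == "__main__":
    for req in [
        ("203.0.113.5", "cert-fp-laptop-01", "device-fp-aaa111"),
        ("203.0.113.5", "cert-fp-laptop-01", "device-fp-bbb222"),
        ("198.51.100.7", "cert-fp-laptop-01", "device-fp-aaa111"),
    ]:
        print(req, "->", evaluate_request(*req))
```

Browser fingerprints change with browser updates, so a mismatch is better treated as a signal to review and re-enrol than as proof of misuse.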