Geofiltering

My organization is testing Geofiltering controls. I’m generally opposed to Geofiltering, but this is intriguing.

The easiest controls are the ones backed by policy. If your audit department has rules against international remote access, that’s mostly easy. Every modern firewall except for Cisco offers native Geofiltering.  Apply the rules and walk away.  The shortcoming is threat intelligence. If your remote access solutions (Cisco ASA VPN) can’t handle Geofiltering, you’re stuck. In an ideal world, I’d like to use dynamic access policies to block users after authentication.

User / Customer / Shareholder system controls are the interesting ones. You can’t block those people just because they travel overseas. Do you implement captcha technology, email notifications, etc?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s