this post was submitted on 19 Jul 2024
175 points (98.3% liked)

Asklemmy

43747 readers
1517 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
mekhos@lemmy.ml
tmpod@lemmy.pt
14specks@lemmy.ml
175
What is the worst IT setup you have seen at a company? (sh.itjust.works)
submitted 3 months ago* (last edited 3 months ago) by gnutard@sh.itjust.works to c/asklemmy@lemmy.ml
124 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] j4k3@lemmy.world 73 points 3 months ago (5 children)

Coffee shop open WiFi on the same network as the main retail central point of sale system server for several stores.

[โ€“] biscuitswalrus@aussie.zone 18 points 3 months ago (3 children)

Transport layer security should mean this shouldn't matter. A good POS shouldn't rely on a secure network, the security should already be built in cyptographically at the network session layer. Anything else would still have the same risk vector, just a lower chance of happening.

In fact many POS systems happily just take a 4g/5g sim card because it doesn't matter what network they're on.

[โ€“] Shard@lemmy.world 8 points 3 months ago (2 children)

Non IT guy here.

Not all attackers might want access to the POS system. Some might just want to mess around

Couldn't someone mess with the WiFi or network itself? I'm just figuring someone who doesn't secure the WiFi is someone who's going to leave admin passwords on the default and they'd be able to mess with the network settings just enough to bring the system to a halt.

[โ€“] eclipse@lemmy.world 2 points 3 months ago* (last edited 3 months ago)

Never trust the network in any circumstance. If you start from that basis then life becomes easier.

Google has a good approach to this: https://cloud.google.com/beyondcorp

EDIT:

I'd like to add a tangential rant about companies still using shit like IP AllowLists and VPNs. They're just implementing eggshell security.

load more comments (1 replies)
load more comments (1 replies)
load more comments (2 replies)