Enterprise services that must be exposed to untrusted networks, such as Web servers and SMTP servers, should be...
placed in the DMZ. This arrangement ensures that, in the event of a compromise, internal users and systems have a firewall that protects them from an affected server. Placing enterprise users (who belong on the intranet) in the DMZ eliminates this layer of protection and puts them at risk to systems on the untrusted network.
Related Q&A from Mike Chapple, Enterprise Compliance
The HHS security risk assessment tool is designed to help healthcare providers meet the HIPAA security requirement. Expert Mike Chapple explains how ...continue reading
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike ...continue reading
Are HIPAA-compliant hosting services a better option for compliance than a secure storage API? Expert Mike Chapple analyzes.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.