The placement of the application depends a bit upon the topology of the network. If your organization uses a virtual...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
private network (VPN) and volunteers will be required to connect to the VPN before using the application, place the application's Web front-end in the same location where the VPN terminates. If this is your internal network, it's fine to place the Web front-end there.
If you don't plan to require a VPN connection, however, the DMZ is definitely the right choice, since it ensures that those accessing the application from the public Internet -- including those who attempt to access it without authorization -- won't be able to gain access to other applications or network resources.
The level of access granted to remote users should fall back upon the principle of least privilege; grant them only the access they need to get their jobs done. If there is no business requirement for users to modify data while off-site, there's no need to grant them those permissions. On the other hand, if they do need read access, there are many examples of organizations that expose database-driven applications to external users. Just be sure that you've thought about Web application security as well, since there are a whole other set of concerns involved with properly securing a hosted application.
Dig Deeper on DMZ Setup and Configuration
Related Q&A from Mike Chapple
Data center cleaning may not be mandated, but it's still a good idea to do. Some best practices include using HEPA technology and specific cleaning ...continue reading
Physical point-of-sale security is covered in PCI DSS. Expert Mike Chapple explains how to use good security practices and understand PCI ...continue reading
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.