• TCB13@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      2
      ·
      edit-2
      10 months ago

      Its just impossible to even start a VPN from these systems unless you have administrator privileges, so im not used to your way of doing it.

      That’s also the policy for the majority of the machines/users but there are a few that do have admin privileges like IT teams and whatnot and even if they manage to install a VPN solution (the app would most likely get blocked by endpoint security either way) they couldn’t communicate to the outside because the firewalls, as I described, are all set to block VPN traffic. Except for those situations I specified above.

      The bottom line is: distrust everything, everyone and anything. Even if you can ensure nobody can install a VPN application on their computers, assume someone might get around that and add proper firewall checks and blocks as well.