Aussie PM Office Calls For Government Ban On Gmail, Hotmail 178
aesoteric writes "The Australian National Audit Office has called on all Australian government agencies to block free web-based email services like Gmail and Hotmail to mitigate security and information integrity risks. The auditor noted that such public email services 'should be blocked on agency IT systems, as these can provide an easily accessible point of entry for an external attack and subject the agency to the potential for intended or unintended information disclosure.' Not surprisingly, the move is seen by some as an attempt to prevent a WikiLeaks-style disclosure from occurring."
What where they thinking? (Score:4, Informative)
In the private sector I have been doing this for years, because of security. If a user want to access his Gmail/private mail he can use his mobile not via my network and if management agrees I would place a shared system in areas that is on a separate network for such uses.
Re:Waste of Time (Score:5, Informative)
Re:Why not just block attachments? (Score:5, Informative)
It is 100% possible and it is done ever day.
The proxy terminates the https request and then creates a new https request going out. So yes you can tell if there is POST event. You can tell if it is a file. You may not be able to read the file as it may have separate encryption.
Re:Hyperbole much? (Score:5, Informative)
I've worked in quite a few Australian Govt. Departments (Commonwealth and State). In at least three-quarters of them, webmail such as Gmail and Yahoo and Hotmail were ~already blocked~. So this recommendation I suppose is just to pull the few departments that haven't already blocked them, into line.