Intranet Security – SANS best practices for 2021

Often companies protect the outer shell facing the Internet well — but they may not safeguard their own internal web (aka Intranet) as well.  Encryption & other best security practices are a must in 2021 at every point (email, web, company network, routers, etc.)

HTTPS Support for All Internal Services (

Why and How You Should be Using an Internal Certificate Authority (

The landscape is changing to force more and more people to switch to encrypted communications and this is good!   Yesterday diary covered the deployment of your own internal CA to generate certificates and switch everything to secure communications. This is a good point. Especially, by deploying your own root CA, you will add an extra  string to your securitybow: SSL interception and inspection.