As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).
Thanks!
I understand that. But among the peers working there are some using windows without any further protection. Why do I need to be the one getting IO-bombed by a software that scans the same files that were gathered from an internal git server anyway, when there are people whose protection is literally “pls don’t tresspass”
I trust my system way better: data at rest is encrypted with LUKS instead of bitlocker’s sucky encription; openvpn conf was upgraded by me because it admins use 128 bits keys for some reason. Etc.
Your working environment sounds gross :)
IT is hard. Finding good IT people is harder in my opinion. Working for a company that is not super squared away with good security and great usability sucks. At least you found some work arounds and are trying to do it well.