E-banking security. Configured a dedicated hardware laptop with default network policy outgoing to denied. Manually configured a very limited set of IPs for the banks sites used (no DNS server allowed, static resolution in /etc/hosts) and OS packages. Second step (or factor) done on a dedicated phone hardware too (no sim card used). Automatic browser startup at session open with tabs open for the banks website.Been operational for a few years. Minimal maintenance. Great peace of mind.
No comments yet.