We are segregating users PCs that could access Internet from
With this segregation in place, is it still essential to have a proxy
for the users PCs that access Internet? The PCs have AV installed.
The argument is if the users PCs are infected, we can just wipe
them out & reclone & there's no sensitive data stored in them.
Next is if the PCs are used for email access, then should it be
segregated from the servers' network or it should be part of
the users network that could access Internet (other than the
MS Exchange which we use O365 in Cloud)? I've seen emails
is possibly the top vector of malwares, sometimes accounting
for more than 80% of malwares (including malicious PDF &
phishing links/attachments in them), so my view is emails has
higher risk than Internet access.