quote:

Originally posted by Gear.Up:
Would you agree that it's possible to decrypt traffic via proxy server, inline method, etc.?

Sure. It's called a "Man In The Middle" attack. But it takes more than just installing a "corporate certificate" on client machines.

I don't mean to be insulting or dismissive, but an explanation of how public/private key cryptography works would take way more effort than I'm willing to expend There are plenty of on-line resources, however.

Read it and thank you Rey HRH..

quote:

Sure. It's called a "Man In The Middle" attack. But it takes more than just installing a "corporate certificate" on client machines.

I don't mean to be insulting or dismissive, but an explanation of how public/private key cryptography works would take way more effort than I'm willing to expend Smile There are plenty of on-line resources, however.

Yes, there are a number of ways to achieve it. A good corporate firewall will have the ability to decrypt any encrypted traffic entering and leaving the network. Thus my statement that they can see everything you're doing. We havem't even touched on remote monitoring with capture of your screen, keystrokes, etc.

My short answer to anyone asking this question is "don't use corporate assets for personal stuff." That also applies to a personal mobile phone or tablet with company email / mgmnt. software. Use a second device...