Isolation of all our cmm computers

[[Da...]]

We are having our second meeting about severing all computer ties with the outside world on our 4 cmms.
There will be no internet connection except thru an administrative hook up. We will be able to allow access from Zeiss, but no other sources. Anything you guys see as a problem doing this? We have a new guy that has been playing with downloading data to his own program to monitor all data from the machines. this has caused some Stalls, and computer lock ups from time to time. Data output will be dumped to a stick and manually moved to one of our network computers.This seems like too much to me ...

[[Er...]]

I get companies wanting to shut out the outside world. I don't understand having the Zeiss computer set up as part of the network to communicate internally so you didn't have to manually move data. I agree, this seems overkill.

[[Er...]]

My assumption would be the hard drive is getting bogged down with the file transfer and Calypso is waiting(stalling, locking up). I have seen Calypso act up with our computers when this happens.

So instead of telling one guy to use a thumb drive to copy files instead of the server is not possible? I guess a permanant solution is what someone wants to implement.

The problem is that cutting off the internet means Zeiss cannot remote into the computer if issues arise.

An easier solution would be turn off Network Share for the local drives. Then no one on the network could access the local drives from the network.

[[Je...]]

Please sign in to view this quote.

.
Dave, I'm curious.. what is the main driver for this pursuit? Is is purely for data security or for something else? While reducing external access can limit some security risks, it also creates a single point of failure with the administrative hookup, and any potential vulnerabilities in this connection could be exploited. Just playing devil's advocate. It may be a good idea if your company's IT stays modernized and proactive. Off the grid is not always safer.
.