Consumers are never implicitly trustworthy. Whenever a user tries to access a source, they need to be authenticated and authorized, regardless of whether they're already on the company network. Authenticated users are granted least-privilege access only, as well as their permissions are revoked when their task is finished. Even https://bookmarketmaven.com/story17367439/5-simple-statements-about-network-security-explained
