And I blame lazy software developers who had security holes in their apps that endangered enterprise networks. I'm an app developer and we shouldn't be placing blame on someone trying to do their job and protect their internal network. We need to own up and start making security a priority over yet another feature someone wants in their app. Yes we were quite clever to tunnel things through port 80, but we're just delaying the inevitable.
I partially agree but isn't the port blocking mostly about reducing the attack surface? If I were managing infrastructure (I never did), just trusting a browser and its security model sounds better than following bunch of white-listed apps for zero-days.
