I have firewalled dns as a security measure. One hack is to point someone at a foreign dns server bad guys control. So I guess I am off to another provider if they do this. Disappointing.
Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
I used to work at a TV station. My two cents and the short version.
The business end of the company has different needs and goals than the engineering area. An example a marketing person should not be able to access the transmitter site. Put a firewall between Engineering and the rest of the company. That is your point of demarc. There is going to be data sharing between the areas, but that is the purpose of the firewall. Setup procedures and standards for company computing. Train or work with a designated engineer on company IT procedures. Let the IT engneer setup engineering procedures The engineers only need access to a subset of the company IT. Engineers PCs should log on to the domain or their trusted domain.. Everybody is happy.