Corporate is nervous about cyber attacks and has asked about isolating the corporate network from the Internet and use VM's for webmail and browsing. Updates can be done offline.
Is this doable or just ridiculous?
Isolating the network does increase the security while reducing the attack surface. But without good usable internet access, it's harder to be productive as an employee. Therefore efficiency of the workforce will be lowered.<p>Depending on your company size, there are ways to achieve relatively high security. However, no system is secure enough and everything can be hacked at some point if there is enough interest in it.
There are others like this. This is the one I can recall now . Basically the proxy mitm a Js agent which is pretty much vnc for your browser. You only get the view of the headless proxy sandbox rendering whatever page you requested . So if any escape happens it happens in an isolated disposable compute managed by the proxy<p><a href="https://www.broadcom.com/products/cyber-security/network/web-protection/web-isolation" rel="nofollow">https://www.broadcom.com/products/cyber-security/network/web...</a>
I’ve worked on air gapped networks and I was probably a tenth as productive as I normally can be (if that) as a programmer. Having all sorts of info at your fingertips speeds up development and debugging quite a bit. I’d be worried your leadership doesn’t understand the trade off they’re making for company productivity for something like this.