I have port forwarding setup on our firewall so that staff can get to a web-based HR system (so basically a web address). I didn't do the setup, but this isn't the only port forward we have that doesn't just go to the DMZ, and instead goes straight through to the internal network
What are the issues with this? I did a bit of a google search, and some say yes it is an issue (as a port is open), and others say no (hackers need to exploit the program not the port per se). I don't fully understand the potential issues here. I'm just looking for information about this so I can think about whether or not we change this.
Thanks!