We're considering turning guest access on for some of our sites, but we're concerned about security. We're a fairly large university and we have pretty sensitive data (student information, salaries, financial, advancement, medical, HR, etc).
Has anyone implemented guest access and embedded views? Have you experienced security issues? Should we shut it off completely and tell our users that we've decided not to implement it?
I'd appreciate any advice or suggestions. I'm particularly looking for real-life experiences.
Prior to 10.2 we had Guest Access on for all Sites. We do have an HR site and experienced no issues with security, however, there is no outside access to our servers (company traffic only).
With 10.2 we now have two sites out of five (including HR) with Guest Access turned off but it's simply for their boss's peace of mind.