secured limited access to webaplication
i have a home made webapplication running for about 80 users in 8
different offices worldwide and this application holds vital information
on our operation and is of course strictly confidential.
to keep it secure it is running on https:// and the access is limited by
firewall to the IP addresses of the offices.
This works but is not extremely flexible if you want to grant
permissions to homeworkers (VPN can solve this though), also 2 of the
offices can not get a static IP so they need a manual update of the
firewall now and then.
my question in this is, are there better ways to shield a web
application from prying eyes except from fire-walling it?
would love to hear some thoughts and experiences,