I have created a procedures Drupal site that is stand-alone and SSL secure.
Our internal It department is concerned that this site can be a threat, and a conduit for hackers to get in to internal network.
There is nothing connecting the internal network to the Drupal site except a reference path of users going to the site for info.
In my amateur opinion, it seems to be about as locked-down as it can be, but then again, I know nothing about Black Hat.
Can anyone enlighten me as to the threat that I may have created to my companies internal network?