I have deployed Cisco Secure Desktop for a customer who are also using clientless SSL VPNs. They are concerned that a user may be able to access a corporate resource via the Web VPN portal, save it within the Secure Desktop session and then upload the file to an upload site via the browser in the Secure Desktop. They are concerned that this will allow the users, and other people, to access this file when the Secure Desktop session has closed.
Does anyone have any views as to whether this is a legitimate security risk and, if so, if there is a way to prevent this from happening? I have been told that there is no way around this at present.
Any views would be welcomed.