We're planning to deploy an internal application with a ton of sensitive data and we're becoming very worried security wise. I suggested to keep it on our internal network but I was vetoed. Inside of the app, we programmed it to only respect requests if they come from an internal IP address (otherwise it shows a blank page). But, I'm still nervous about it. Should I be? How secure is IP Address filtering.