Skip to main content

Knocking-off NAC, just not yet!


Happiest days of Networking? Desktop wired to a face plate, wired back to the switches and you must be physically present to access the local or corporate network resources. Then came the flexibility of laptops. You can carry it wherever you want. Presentation at a customer place, no issues. Design your presentation, off-you go, attach to the projector at the conference room and deliver a presentation. But back to the office network, you need that magic RJ-45 Ethernet cable to get hooked to the corporate network. One file server, and one print server, and somewhat advanced networks you used to have mail servers.
Then came the wireless networks. Laptops needed a PCMCIA card to make your connection wirelessly. Yet, some control with the network administrators. Introduction of built-in wireless devices, introduction of smart phones, tablets and umpteen other devices resulted in complete loss of control and administrators now with sophisticated designations as ‘Security Administrators’ started feeling the heat.
Network Admission or Access Control (NAC) is all about right people accessing right resources in compliance to the corporate security policies. No more and no less.
You want your employees to be connected 24×7? Mail clients on mobile, fancy mails tags such as ‘Sent from Outlook for Android or Sent from iPhone’? Now you are talking about what to control. How would you restrict an employee downloading a corporate email attachment to the phone and then sending it back to his or her personal email address?
Access to Corporate resources through mobile apps, Web based applications, Time and attendance, Sales and CRM from anywhere, anytime from any device, you are talking about a wide spectrum to monitor and control.
NAC is not the newest of technologies in the block. It has been there for at least two decades. Now why this renewed focus? Wireless infrastructure allowed employees, contractors and guests to access Corporate network. However, you want to restrict Guests to only access Internet and not the Intranet. You may want to allow contractors to Extranet, but not to access your internal file servers. Employees need to access certain resources, but only when they are in certain locations. Access to corporate applications from an Internet Café means a complete clean-up of session after your complete your work or risk of losing corporate data to outsiders. Organization’s decision to BYOD (Bring Your Own Device) may spell doom to CSOs and may mockingly become Bring Your Own Death (BYOD).
Protecting sensitive data, improved productivity, flexibility in BYOD, ease of deployment and ease of management are the factors a CSO to consider before deciding on a NAC solution.
Simple questions to ask yourselves before picking-up a NAC solution:
Can it provide complete visibility? Do I get detailed reporting for compliance? Can it offer context-aware policies based on user role, time, location and the kind of device he or she is accessing the corporate resource from? How much overhead it brings to the administration and management. Can the process of onboarding a user, enrolment and logging be completely automated to bring seamless experience to the users? How can I integrate with existing MDM (Mobile Device Management) solutions?
Now, we can call its NAC 2.0. A rejuvenated NAC. Or NAC reborn! Whatever you may choose to call, don’t knock-off NAC from your IT security budget. Not just yet!
~M.K. Mohan

Comments

Popular posts from this blog

Security and password protection

"They got someone's password, and sent an email to our CFO, who sent the $40,000 wire transfer."

ISODA announces new management committee for 2018-2019

The tenth AGM of ISODA (Infotech Software Dealers Association) announced N K Mehta as its Chairman and Gunasegharan Krishnan as the association’s President for this year.  The Infotech Software Dealers Association (ISODA) concluded its Annual General meeting last week in Mahabalipuram.  It was 10th year of the formation of ISODA incepted in 2008 by a handful of channel companies and its owners primarily to fight the taxation structure for software industry at that time.  ISODA has now grown into a full-fledged and active IT association encompassing over 180 members including channel companies, tech OEMs and others.    Prashant Jain of JNR Management Resources and ISODA member presided over the election of new management committee (MC) at 10th AGM  My immediate priority as the chairperson of one of India’s Premium IT Associations ISODA is to create a five year leadership plan, for a better focus on long term vision and thus make a visible difference for ISODA and i

Are you FAST enough for SAST & DAST?

Banking and Financial Sector companies have come a long way from the conventional banking system to modern means of providing various services to the customers at their finger trips. Long days of wait for cheque clearances, long queues at tellers and the rate of which each transaction used to occur is long gone. Now you have Internet Banking System, Mobile Banking System, and Interactive Video Customer Services. Opening of bank accounts through tablets right from the customer’s home, online transactions through NEFT (National Electronic Fund Transfer), RTGS (Real Time Gross Settlement), IMPS (Immediate Payment Service), payment wallets and several such new features have modernized and simplified banking activities. Technology brings fantastic benefits. However, the IT teams of these financial sector organizations who are into modernization face tremendous challenges. On the customer front, they need to ensure intuitive, colourful and easy to use customer interfaces that ensure t