Sophos protect SME’s
Published January 16, 2008 at 2:13 pm · Filed under Features
Graham Cluley, senior technology consultant at Sophos, explains how network access control can help protect SMEs from security breaches
Graham Cluley
Ten years ago, technology in the workplace was a very different kettle of fish to today’s ubiquitous hi-tech landscape. The internet was just gaining popularity; the first version of AOL instant messenger was launching (though it was rarely used within the office); mobile phones had barely become portable as they shirked off their bulky battery packs; there were no iPods or social networking sites, such as MySpace and Facebook; and P2P networks like Kazaa or Skype did not even exist.
The evolution of these technologies and their growing presence in today’s corporate environment is impressive. Integral to many employees’ daily worklives are USB drives, instant messaging, wireless internet and remote access. Corporate networks are also contending with the use of Web 2.0 sites and applications, file sharing and a variety of new modes of user interaction.
While the vast majority of these new technologies offer some benefit to different organisations, they also open the door to additional security vulnerabilities in the form of malware, spyware, spam and Trojan horses. Failure to mitigate against these channels of cyberattack can leave the corporate network exposed.
Many businesses have therefore begun to implement security policies to try and control employee use of the internet at work. These can go some way towards ensuring that employees toe the line, but they can be difficult to implement and enforce - especially for small businesses that may not have the resources or money to dedicate to IT.
Furthermore, policies alone do not present a watertight solution and cannot stop security breaches outside user control.
Thankfully, security solutions have evolved to overcome this problem. As part of an overarching security strategy, organisations of all sizes are considering Network Access Control (NAC). NAC enables businesses a) to create and enforce security policies and determine whether to grant a specific level of network access to employees or visitors accessing their networks; and b) to block or quarantine access to computers that are unauthorised.
NAC solutions can judge whether a user trying to connect is compliant with the organisation’s security policies prior to granting access. They can also determine access levels using a combination of factors, including user’s department, internal role and their level within the company.
Many businesses are under the misconception that implementing NAC is most important for companies with remote and mobile workers or frequent visitors. While it is common for companies to implement a NAC solution to protect their networks from users accessing it from outside, it plays an equally vital role in protecting against the threat from within.
Restricted access
One useful NAC analogy is that of an office building. All employees and visitors are greeted at the front desk, and after assessing their intentions and ensuring they are in-line with the organisation’s security policies, most are allowed to move forward to the next floor, department and/or security level. From there, employees and visitors will be granted further access to specific areas depending on their job or status.
While the managing director is likely to be given unlimited access, lower level employees could be restricted to their own department and visitors connecting to the wireless network may only be allowed access to certain internet sites. This will minimise network disruption, downtime and the costs associated with integrating different technologies, and provide both the quickest and greatest return on investment.
The right solution
There are a number of different ways to implement NAC: solutions can be hardware- or software-based, standalone or integrated into the internal network infrastructure. The right solution differs for each company and depends on several factors, including the network environment, main methods used to access the network, and of course budget.
For most small- to mid-sized businesses, the most effective NAC solution is one that can assess the security level regardless of the specific solution in place, and work seamlessly within existing IT infrastructures.
When considering NAC, small businesses should ensure that the solution offers a number of key functions:
- It should integrate with existing network configurations with minimal impact and cost, and be flexible enough to accommodate new security strategies as they arise;
- Its capabilities should go beyond standard network-based enforcement, including the identification of, and protection against, everyone trying to access the network - whether they are known or unknown;
- An effective solution should monitor security devices that are already connected to the network and act as an enforcement of corporate security policies and compliance issues; and
- It should provide effective, comprehensive and simple reporting.
By implementing a flexible and dynamic NAC solution, an SME will be able to combat today’s threats, while being equipped to protect against tomorrow’s.
www.sophos.com
