Can you confidently say who is connecting to your network?
The prevalence of attacks from inside networks demonstrates that perimeter-based security is outdated and insecure. New insider threats now evolve from within the organisation. Network access control has never been more critical.
Network access control challenges created by IoT, BYOD and a mobile workforce
Pressure from employees and other end users to implement BYOD requires security processes and protocols to be device and platform agnostic. It also requires clear policies in place to deal with data leakage, public exposure at unsecured WiFi hotspots, loss or theft of the device, or malicious apps with compromised integrity.
Together with the advance of IoT and mobility projects, they pose a triple-pronged threat to traditional forms of network access control (NAC), which have historically been static, highly regulated server-based systems that are unfit to manage multiple types of devices and operating systems across a modern network that incorporates SaaS applications, cloud environments.
The prevalence of attacks perpetrated from inside networks should suffice to demonstrate that perimeter-based security is outdated and insecure. New threats now evolve from inside the organisation—attacks involving malicious, compromised or negligent users, systems and devices.
Insider threats, whether malicious or accidental, are notoriously difficult to detect. Many organiSations still lack the ability to identify when a user deviates from his or her normal pattern.
Organisations can no longer look at security in the same way. But how do we update this practice to reflect the complexity of today’s multi-platform, hybrid cloud and on-premise network environments—and the requirements of the people accessing them?
Close the NAC loop
Incorporating a closed-loop approach where you identify anomalous traffic, enforce granular network access control policies, protect using embedded security features of mobile devices, and create a unified response plan for when your network is threatened is one approach we would recommend.
Innovative approaches to NAC are incorporating behaviour analytics to isolate anomalous user behaviour as a potential threat. User and Entity Behaviour Analytics (UEBA) is seen as one of the smartest approaches to solving the dual challenges of smarter threats and undervalued security operations. Premium products can integrate with a wide variety of endpoint detection software, enterprise mobility products and other tools in your security arsenal to provide a holistic view of your network's health. This allows you to leverage all the disparate technologies and platforms you’re using and collate incident analysis responses from multiple vendors, offering you a variety of perspectives—or possible remediation actions.
In addition, a software-defined perimeter permits a zero-trust model of NAC. With this in place, you can build detailed network access control policies depending on user, device, traffic pattern, device health, location or file/application requested, with visibility and controls across multiple vendors and both wired and wireless networks. Sophisticated NAC solves the problem of having to provide guest network access to office visitors: interviewees, partners, consultants, etc. who will expect to be able to access a network, and temporary access is easily administered by receptionists and security staff.
Products like Aruba ClearPass close the loop so only approved, authenticated AND healthy IoT, BYOD and corporate devices can connect to your network.
We are all familiar with the financial impacts of a network attack. Given the increasing reliance on network accessibility within certain sectors—particularly logistics, transport, oil and gas, construction, power generation and healthcare—the potential for disruption can be more than just inconvenient, it can be catastrophic.
Are you confident you are spending your information security budget in the right places?