Some forward thinking businesses are however cottoning on to the risks and have therefore begun to implement security policies which try to control employee use of corporate resources and the internet whilst at work. While such frameworks can go some way towards ensuring that employees toe the line, they can be difficult to implement and enforce. Furthermore, policies alone do not present a watertight solution and they cannot stop all security breaches that are outside user control.

What are security companies doing to support customers?

The complexity of managing modern security applications, combined with a lack of control over employee and visitor computers attaching to the network, has driven many security vendors to incorporate compliance and enforcement capabilities as extensions to existing products. Indeed, some vendors have gone as far as to shift their position from promoting single endpoint security products to creating and endorsing entire suite of endpoint security solutions to give IT departments back the control they need to quash the growing threats to their networks. It has become starkly apparent that companies need support in managing all the various users and endpoints accessing their networks to ensure that security and compliance breaches do not take place.


Network Access Control - helping companies to take control back

Organisations of all sizes are now considering Network Access Control (NAC) as part of a holistic security strategy. NAC not only gives businesses the power to simply and swiftly create and enforce security policies, it can also block or quarantine non-compliant or unauthorized computers that are seeking to gain network access. An effective solution can also determine whether all endpoints are compliant with the organization's security policies; not only prior to granting permission to access the network, but on an on-going basis once these users have been allowed to log on. In this way, companies can rest assured that if a user acts out of line with the security policy, they will be banned from the network until the matter has been dealt with. Furthermore, systems administrators can grant individual employees or guests specific levels of network access, which dictate which resources they can use. These levels are set by looking at a combination of factors, including the user's department, internal role and their level within the company, as well as the status of their endpoint's security solutions.

Replicating physical security measures online

The need to secure sensitive data on business networks, and the NAC method of achieving this, can be compared to the constraints many businesses put in place to ensure the physical security of their buildings. Let's take the example of a pharmaceutical company, which needs high levels of security in order to protect drugs patents worth billions of pounds, and to ensure compliance with strict legislative standards. In this kind of environment, a receptionist would meet all employees and visitors at the front desk. Once their reason for wanting to move forward has been established and the receptionist has accepted that it is in line with the company's security policies, they will then be either authorised or refused entry.