Browse archive

Latest news

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

U.S. DOD decides iPhones and iPads can connect to its networks

Digital Government Strategy progress and challenges

Barracuda updates web application firewall

Targeted data stealing attacks using fake attachments

New Mac spyware signed with legitimate Apple Developer ID

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Network Access Control: Bridging the Network Security Gap

by Graham Cluley - Senior Technology Consultant at Sophos - Monday, 03 February 2008.

Those employees and visitors that have been approved, will be granted further access to specific areas of the building, depending on their requirements and position within the company. For example, while the managing director may have 'access all areas' clearance, a temp may only be able to access the parts of the office that they will directly be working in. By giving physical access to the right people in this way, the company has dramatically reduced the associated security risks. You would not let a masked man through business doors, but it's a bit more complicated to prevent them gaining access to the business network - without the right solution in place.

The risk of intelligent users

A common trap that many businesses fall into is only considering to implement NAC if they have remote and mobile workers and frequent visitors, but while these casual users certainly pose a significant threat to company networks, it is equally critical to protect their infrastructures from users within the corporate walls. Indeed, in a recent Sophos poll, which asked more than 200 companies who they thought exposed their networks to the greatest IT threats, 44 percent believe standard employees to be the most dangerous.

Now that technology is so integral to so many people's lives, there are a growing number of expert users who have a potentially dangerous level of IT knowledge, enabling them to evade enforcement when accessing network resources, even if there is only the narrowest of gaps to slip through. Such a gap may arise from a number of scenarios, including the use of DHCP (Dynamic Host Configuration Protocal) networks - enabling a device to have a different IP address every time it connects to the network - or where the rogue computer is using local, statically assigned IP addresses for network access. Problems may also occur if a quarantine agent is not installed on the user's computer. Whilst many of these employees will simply be trying to play the system without malicious intent, they still pose a threat to networks because they are opening holes, giving cyberciminals a backdoor entrance into company infrastructures. This is one example of why companies should not rush headlong into purchasing the first NAC solution they find; unfortunately solutions do vary, and it is crucial to find the best system for the job.