The risk of intelligent users
A common trap that many businesses fall into is only considering to implement NAC if they have remote and mobile workers and frequent visitors, but while these casual users certainly pose a significant threat to company networks, it is equally critical to protect their infrastructures from users within the corporate walls. Indeed, in a recent Sophos poll, which asked more than 200 companies who they thought exposed their networks to the greatest IT threats, 44 percent believe standard employees to be the most dangerous.
Now that technology is so integral to so many people's lives, there are a growing number of expert users who have a potentially dangerous level of IT knowledge, enabling them to evade enforcement when accessing network resources, even if there is only the narrowest of gaps to slip through. Such a gap may arise from a number of scenarios, including the use of DHCP (Dynamic Host Configuration Protocal) networks - enabling a device to have a different IP address every time it connects to the network - or where the rogue computer is using local, statically assigned IP addresses for network access. Problems may also occur if a quarantine agent is not installed on the user's computer. Whilst many of these employees will simply be trying to play the system without malicious intent, they still pose a threat to networks because they are opening holes, giving cyberciminals a backdoor entrance into company infrastructures. This is one example of why companies should not rush headlong into purchasing the first NAC solution they find; unfortunately solutions do vary, and it is crucial to find the best system for the job.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.