Compliance without the angst

Get the right network access control for safe compliance, says T Kent Elliott

T Kent Elliot

Recent compliance initiatives have imposed a heavy burden on IT professionals. The initiatives can be technically vague, causing confusion and leaving implementation open to interpretation.

Managing the protection of sensitive information in an efficient and cost-effective way poses a challenge for IT administrators.

Despite installing firewalls, authentication servers and intrusion detection and prevention systems, IT administrators are often unaware what is on the network at any time.

Many technologies achieve some data protection, but network access control (NAC) technology can offer several disparate functions in one platform.

While no single proposal will deliver compliance in a box, three key elements achieve regulatory or corporate compliance through NAC: visibility, policy enforcement, and remediation.

NAC must be able to detect every device without prior knowledge of that device, eliminating the possibility of installing an agent ahead of time. Clientless NAC is ideal.

Organisations must be able to translate written security policies or compliance initiatives into enforceable network security policies. The technology needs the flexibility to adapt to each environment.

Multiple enforcement mechanisms should help the focus on user productivity. It is best to use light enforcement for minor violations with more severe enforcement for serious infractions.

Fixing compliance deviations to return to full productivity is the administrator’s final step. The more automatic the remediation process, the less disruptive to the user. An ability to integrate increases the value of both systems.

Access control technology can help IT administrators meet corporate and regulatory requirements through providing insight into who and what is on the network.

Administrators can implement strong access controls, protect sensitive data and report on access control measures, while continuing to ensure business processes are unaffected.

T Kent Elliott is chief executive officer of network policy management vendor ForeScout, a firm that provides network access control.