A company’s security arrangements cannot be considered complete when it only considers physical security. These days data protection is at least as important physical security; in some companies, data is even more valuable than physical resources. Thus many companies have contracted professional help to establish effective network access control.
What Is Network Access Control?
In simple terms network access control is the sum of all security technologies employed to secure sensitive or valuable data. This usually involves the installation of anti-malware and anti-virus software, firewalls and spyware detection programs. As part of network access control, also known as network admission control, users are required to provide identity authentication and network security is enforced through selective granting of access permissions.
This usually involves the use of a network access server which authenticates and authorizes access for potential users by verifying the information provided during logon. In addition, the system also has the power to restrict the areas within a company’s network that each user is given access to. In companies with the most sensitive or valuable information, access restrictions can even include particular days, times, and workstations. Network access control systems can also be set to limit the things particular users can do while in the network. The most commonly restricted activity is web-browsing. This is usually restricted for lower level employees to ensure that productivity is not adversely affected, as much as to limit the chance of malware getting into the system.
Some network access control systems vet potential users to ensure their workstations comply with pre-defined requirements regarding anti-malware and anti-virus software protection, system update level, and configuration. The company is free to set as many levels as necessary to ensure data security. For sensitive areas of the network, there would be stringent requirements. For areas of the network with less amounts of valuable or sensitive information, considerably less protection would be required for granting access. This site contains lots of information about network access control.
BYOD Complicates Network Access Control
BYOD stands for bring your own device. Some companies allow employees to bring their own devices to work. This complicates the task of ensuring only authorized users and devices are allowed access to the company’s network. By allowing employees to bring their personal devices and gadgets to work, there is a greater risk of the network being contaminated with viruses and other types of malware.
So how do network access control systems cope with this? Employees may be allowed to connect personal devices to the company network only on limited basis. For example, the system can be set to allow personal devices to be connected only to the internet; the company’s own network remains off limits, and out of harm’s way.
If there is no choice but to grant even limited access to the company’s network, the company can set a policy whereby agent software is deployed on personal gadgets and devices. The software monitors each gadget for compliance before granting either full, limited or ‘guest’ access.
It may be a bit complicated but, properly used, network access control systems can still adequately protect your data even if employees bring in their own devices.