NAC For Endpoint Security

IT organizations are fast realizing the hazards of not securing the unmanaged PCs which connect to their network. As a result of this, many are finding themselves under increasing pressure to fill the security gaps left by such instances.

According to a recent endpoint security/Network Access Control(NAC) benchmark study conducted by technology research firm Aberdeen Group, over 75 percent of organizations allow connections from non managed PCs in use by employees, contractors, partners, auditors, and guests.

Such arrangements could prove to be very harmful to a corporate network and if left unaddressed could lead to severe damage to the entire organization, stated the study.

“The best network security strategy falls short if it doesn’t include the risks such as viruses and spyware that can be carried into the network on unmonitored laptops and computers. The risk is high in any company with mobile users, but can be particularly high in situations in which end users such as contractors or students may connect their own computers into an organization’s network environment,” said Mounil Patel, vice president and research director, Aberdeen Group.

The study also revealed that the security gaps that enterprises are most concerned about include finding malware infections, checking the compliance and health of endpoint computers, controlling individual network access, and meeting regulatory requirements.

59 percent of respondents participating in the survey said that they wanted to implement NAC in order to reduce incidents of malware propagation, while 53 percent reported that they wanted the solution to control network access for staff, partners, and contractors.

In order to manage the threats arising from the unknown endpoint devices, 42 percent of the respondents said that they wanted to enforce endpoint software configurations.

According to the study, although most organizations recognize the risks involved, they are incapable of fighting the problem of malware, spyware and viruses because they are unaware of the state of the machines when they connect to the network.

Patel advised companies to rethink their endpoint security strategies and understand the advantages of NAC devices which can be applied to automatically protect and remediate such risks.