Cyber beacons: The challenges of new technologies

Share this article:
Cyber beacons: The challenges of new technologies
Cyber beacons: The challenges of new technologies

Of those organizations trying to facilitate bring-your-own-device (BYOD) in their workplace, many are turning to network access control (NAC) to handle guest access from controlled devices, which can be set up in locations identified for personal use. Like the protected internal network, the guest network can be monitored for data flows indicative of IP or personal data moving onto devices or out of the organization.

Enhanced NAC tools can also be used to scan the security state of the device attempting access: Is it configured properly? Does it contain a beaconing application, such as malware or file sharing?

“Monitor for data leakage at the network egress (outbound) point using any combination of network and agent technologies,” says RSA's Williams.

By logging in, employees are also registering their feeds through the organization, which then provides critical records for follow-up on policy, says Thomas Logan (left), CTO of HiSoftware, which provides software and services around collaborative data environments.

Logan also recommends using web crawlers and keywords to search for abuses of policy across web mediums. Brand recognition software can do some of this, but much of the search involves good, old fashioned keyword searches on behalf of the organization, according to experts.

“Sensitive data should not be put into unmonitored, collaborative Web 2.0 environments in the first place,” Logan says. Access should be based on need to know, and sensitive data should be encrypted, he adds.

“Once data is published somewhere on the web, it's hard to redact,” AIIM's Miles says.

Page 3 of 3
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in Features

Case study: Big LAN on campus

Case study: Big LAN on campus

A university rolled out a wireless network, but was hampered with a user-support problem...until a solution was found. Greg Masters reports.

2014 Women in IT Security: Stacey Halota

2014 Women in IT Security: Stacey Halota

When she stepped into the job of vice president of information security and privacy at Graham Holdings Company in 2003, Stacey Halota had to carve out new territory because her ...

What's sex got to do with it?

What's sex got to do with it?

Harassment has no place in the security industry. Neither do sexism or discrimination. But, there they are. It's time for infosec to just say no, reports Teri Robinson.