FOR, by Hilik, Kotler, co-founder and VP for business development, Promisec
NAC vendors purport to provide a solution for internal threats; however, NAC is a partial solution which addresses only a small part of the problem.
In contrast, endpoint security looks at the make-up and operation of all desktops, laptops and servers in a network to make sure no hidden threats exist that could expose the organization to a full-blown security breach.
Although NAC includes elements of endpoint security, businesses should not make the mistake of believing that the two technologies are one and the same. NAC, by definition, ensures that only devices which are authorized and deemed "clean" from security threats are allowed network access. It does not handle
the problem of non-compliant behavior — intentional or otherwise — once an endpoint device is connected to the network.
Comprehensive endpoint security products address the full scope of internal threats that niche products — such as device protection, application protection and NAC — cannot achieve on their own.
AGAINST, by Alan Shimel, CSO, StillSecure
We talk about "complete NAC," which incorporates several capabilities that work together to protect the network.
The first is pre-connect testing, accomplished using an agentless or agent-based approach. Pre-connect testing is deep and expansive, but most importantly, can be used on both managed and unmanaged devices.
Second is post-connect monitoring.
Utilizing behavior-based and signature-based traffic analysis, malicious network activity triggers an immediate response to quarantine the offending device.
Third is identity-based access control, where devices only have access to permitted assets.
NAC and endpoint security are linked. We would all be safer if networks only consisted of managed devices, but the reality is that networks are open to vendors, contractors, guests, and others not under our control. The fundamental difference: NAC protects the network and its key assets. Endpoint security protects the endpoint. There is a place for both in today's layered security model.
THREAT OF THE MONTH:
What is it?
Organizations work with an increasingly complex mix of outside firms on collaborative endeavors, extended business operations and cooperative ventures. A contractor can
easily circumvent the minimal protections often applied to the sensitive files stored on corporate servers.
How does it work?
It is easy to copy full files and transport them, either to innocently perform required work, or with the intent to sell proprietary information for profit. Shielding information from inadvertent disclosure and ensuring data privacy in this more open environment is a significant challenge.
Should I be worried?
This can result in the sharing of intellectual property, business plans or internal communications, and can strike at the core of a business.
How can I prevent it?
Protect data by encrypting files stored on servers.
Secure all data exchanges with business partners. Take measures to include business partners in your data security practices.
Centrally enforce security policies on the use of removable media. A combination of access control and the use of company issued encryption keys make it very difficult for unscrupulous contractors to smuggle information out of an organization.
— Malte Pollmann, vice president, products, Utimaco