Content

Do you know who your users are?

This month we explore tools to help us wrangle our users and separate them from the herd of bad guys trying to enter our enterprise without authorization. These tools come in two flavors: identity management and network access control or NAC. Both of these tools are important because they allow us to manage some very important aspects of access.

First, we need to know who our users are. That is not as simple as it sounds, especially for large enterprises. When you have a lot of users, and you want to make certain that you have the important information about them, you are faced with, at best, a logistical challenge. At worst, you may have no idea who is or is not authorized to access various aspects of your enterprise.

Second, we need to manage those users' access to various resources on the enterprise. This becomes a challenging application of identification, authentication and authorization. That challenge is what this month's products are all about.

Identity management includes – or can include – several functions. Most important, it needs a way to provision users to the network. That means accepting the new user, managing the password creation process and making the connections that the user is authorized to have. These tasks need to be coordinated with some sort of database so that there is a central authentication mechanism when the user logs back in. That database usually is something such as Active Directory.

Once the user is provisioned, there needs to be some method of managing the user on an ongoing basis. That is where NAC enters the picture. NAC is used to perform several tasks. First, the NAC recognizes the legitimate user and checks for a profile. The profile tells the NAC what the user is allowed to do once they are allowed onto the enterprise.

This month's products help you do all of these things. Contributing writer Nathan Ouellette takes you through the intricacies of network access control, while SC Lab Manager Mike Stephenson steers the identity management products. Thinking of these two important product groups together will help one gain perspective on user management. Applying them will help actually manage those users more efficiently and securely.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.