The Critical Security Controls: What's NAC Got to Do with IT?

by Mark Hardy
Sept. 1, 2017 0 comments SANS Institute Management network access control

Enterprises are leveraging virtualization, wireless, mobile and cloud technologies. These technologies advance service delivery, but can increase operational and security risks. Why? Access to corporate resources and data, as well as these types of devices and applications, has become more diverse and dynamic. In turn, the perimeter continues to become more porous and blurred, which affects IT security policy enforcement and risk management. Given the operating dynamics and diversity, most enterprises are aware of only 80 percent of the devices on their networks, according to a 2011 Gartner report.1 As a result, many endpoints are unmanaged, unprotected or unknown.

https://www.sans.org/reading-room/whitepapers/analyst/critical-security-controls-what-039-s-nac-i...