Question

What types of things would you suggest to a manager be included in a Network Access...

What types of things would you suggest to a manager be included in a Network Access Policy? Should users be allowed to bring their own equipment? Can users connect to the company's network? Can users do personal work on company issued equipment? Find an example policy that a company has and indicate whether you agree with the policy.

0 0
Add a comment Improve this question Transcribed image text
Answer #1

Answer:-

What types of things would you suggest to a manager be included in a Network Access Policy:-

  • Authorization, Authentication and Accounting (AAA) of network connections
  • Role-based control for a user, device, or application post-authentication. This means that a given user and their device are placed into their corresponding permission buckets such that an employee in finance and an employee in HR have access to different resources in their environment.
  • Confidentiality and containment of intellectual property through policy enforcement
  • Identity and asset management
  • Automatically assess a device’s security posture, and allow or block based on if they pass the security check (which can be based on numerous things, such as operating system version, latest patches installed, a certain anti-virus is installed, etc.)

There are a number of use cases that cover all types of organizations using NAC solutions, according to Vinay Anand, VP of ClearPass Security at Aruba, an HPE company. These include the following:

  • Access policy: This is the over-arching use case for NAC, said Anand. It allows the administrator to define multiple access policies that govern users and devices connecting to the network based on specific situations such as user profile, device type or user location.
  • Compliance checks of endpoint devices: When a NAC client runs on end user compute devices, it can continually check and validate to ensure the appropriate software is installed, as well as confirming the devices have updated versions or patch management. If the device fails any of these compliance checks, it will likely be denied access to the network until appropriate updates are made.
  • Guest access: There will be times that an organization needs to allow non-employees to access the network. An NAC solution can provide guests the ability to connect to the corporate network with restricted access.
  • Device discovery and profiling: Due to the increased use of the Internet of Things (IoT), especially in particular industry verticals such as healthcare or manufacturing, the IT administrator needs to a comprehensive view of any and all devices connected to the network. Anand said in these situations, NAC is very useful as it has the capability to discover all devices on the network, and then fingerprints and profiles them so the IT administrator has a global view of what is on the network.
  • Enforcement: There will be times when an unauthorized device or user attempts to connect to the network. When this happens, the NAC solution can automatically disconnect the device. There is also an option to quarantine the device until an investigation is done to determine if the device was supposed to be authorized and why it was exhibiting unauthorized behaviors.

Should users be allowed to bring their own equipment:-

any compromised devices accessing the network can pose risks and easily expose sensitive information. For personal devices, there is less company control over the maintenance of the device, and that is understandably scary for some employers.

It really boils down to management. It’s estimated that fewer than ten percent of companies know all of the devices that are connecting to their networks. While many organizations that allow BYOD have a policies in place, few of those manage their BYOD beyond policy implementation.

Employees don’t have information about the risks of using their devices. For example, they might access unsecured Wi-Fi networks with the same device that they access company networks on – sometimes even unknowingly. On the unsecured network they can easily pick up malware that compromises company assets.

Can users connect to the company's network? Can users do personal work on company issued equipment?

Every business involves the use of some sort of equipment which employees need to do their job, and this equipment is generally provided by the business. While some personal use of business equipment is realistically to be expected, problems can arise when the personal use is excessive.

Problems that can arise in the personal use of equipment that belongs to the business, such as computers, tools, or vehicles, include:

  • broken equipment, which may cause disputes over who is responsible for repair
  • lost productivity, as employees use work time for personal tasks involving business equipment
  • premature wear and maintenance on the equipment
  • morale problems if certain personal use habits are suddenly curtailed or if only some employees are allowed to use the equipment

No matter what your policy is or how much you try to control it, employees will probably use your equipment from time to time for personal purposes. The best way to handle the inevitable is to allow a reasonable amount of slack, but to be consistent and vigilant in creating and enforcing rules to make sure that the personal use doesn't get excessive.

Find an example policy that a company has and indicate whether you agree with the policy:-

ablets and smartphones are necessary business tools, and an increasing number of employees want to retire their company-owned hardware, opting instead to work from their personal devices. And while organizations are skeptical about letting workers save corporate data on the same gadgets where they download their favorite Justin Bieber songs, this trend can lower costs and improve workflow.

There are risks, however, the biggest of which is opening up your business’ network to viruses, malware, and security breaches. There is also the issue of protecting a company’s authority over data if an employee quits. As a result, businesses are looking to security experts for help in developing protocols for the BYO practice. “It’s definitely a huge growth area,” said John Pescatore, lead security analyst for Gartner Research.

Add a comment
Know the answer?
Add Answer to:
What types of things would you suggest to a manager be included in a Network Access...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
  • A minimum of 200 words is required, and they must be your own words. Including figures and quotes...

    A minimum of 200 words is required, and they must be your own words. Including figures and quotes is value-added, but they will not count against your 200-word requirement. What types of things would you suggest to a manager be included in a Network Access Policy? Should users be allowed to bring their own equipment? Can users connect to the company's network? Can users do personal work on company-issued equipment? Find an example policy that a company has and indicate...

  • Question 1 Assume you are working for Green Energy as a network administrator. The manager requests...

    Question 1 Assume you are working for Green Energy as a network administrator. The manager requests you to develop a network security policy. You consider writing a guideline on securing access to network data by setting up authentication and authorisation and configuring password requirements. a. Explain what authentication and authorisation are, and b. Give at least three recommendations to users on selecting a good password. Question 2 living/working/studying environmentsby collecting and demonstrating the data of temperature, humidity, air quality and...

  • You have been called in to consult on a new network design for XYZ company. The...

    You have been called in to consult on a new network design for XYZ company. The requirements of this design are summarized as follows: on F The building has 3 floors There are 300 user workstations and 10 servers. Users must be grouped according to the projects they're working on, but users for each project are located on all three floors. There must be fault tolerance for communication between the floors. The company leased a building across the street. The...

  • 1. What advice would you offer the medical office manager about implementing a Wi-Fi access point...

    1. What advice would you offer the medical office manager about implementing a Wi-Fi access point on the network? 2. What elements would a policy contain? 3. Develop a high-level standard to address the considerations for implementing Wi-Fi under HIPAA security rule constraints.

  • Imagine you work for a company that has a large network with thousands of people accessing...

    Imagine you work for a company that has a large network with thousands of people accessing it, often one server may not be enough to process website access, file shares, and on. To help combat the problem of your network crawling to a halt, there are some features available that can help avoid this scenario. What are some things you’ve learned about Network Load Balancing that can help spread your infrastructure’s needs to more than one computer? Can you find...

  • You work for EGS Testing Solutions; your company is involved in testing related to access control...

    You work for EGS Testing Solutions; your company is involved in testing related to access control systems. A large, private fitness club contacted your company because their Web server was hacked. The fitness club has a corporate office with 50 workstations, 4 application servers, 2 e-mail servers, 2 Web servers, and 129 franchisees with 10 workstations and about 3,500 members at each location. Except for the equipment at the franchisees’ locations, all other equipment resides at the central headquarters. The...

  • Question 10 / 13 Indicate the response that best describes what you would do in the...

    Question 10 / 13 Indicate the response that best describes what you would do in the situation. Currently, your work unit is having a hard time reaching the production quota due to an increased demand in your company's product. At the same time, you have been given the opportunity to sign up for a new training course that could improve your ability to meet future production goals. What should you do? Inform your supervisor of your production quota and make...

  • Objective: what was the objective or purpose of the lab? Discussion: the work you did to...

    Objective: what was the objective or purpose of the lab? Discussion: the work you did to complete the exercises, including tools or research necessary, citing your sources. This section should include the procedure you used to complete the lab. This section should not be a copy and paste of the lab instructions. You are expected to summarize your procedure in your own words. Results: any data you collected and/or answers to the lab questions. Be sure to answer all questions...

  • H E1-12 Basic Por cach of the following situations, indicate whether you agree or disagree with...

    H E1-12 Basic Por cach of the following situations, indicate whether you agree or disagree with the financial reporting practice assumptions and employed and state the accounting concept that is applied Gif you agree) or violated (if you disagree) principles 1. Wagner Corporation adjusted the valuation of all assets and liabilities to reflect changes in the purchasing .LO1-7 through power of the dollar LO1-9 2. Spooner Oil Company changed its method of accounting for oil and gas exploration costs from...

  • Please help Network Security Fundamentals You are reviewing logs and notice that a large amount of...

    Please help Network Security Fundamentals You are reviewing logs and notice that a large amount of outbound traffic from 1:00am - 4:00am. Your company works a traditional 8:00am - 5:00pm and uses an in house backup solution. What could this be a sign of? Cloud backup Bad login information Aliens Data Exfiltration Which of the following can help protect against an insider threat? Select all that apply DLP Seperation of duties Aliens Job/Position rotation Social media can introduce considerable risk...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT