Network access control (NAC) technology can perhaps be regarded as the traffic cop of the enterprise. NAC systems determine who has access to the network and the many applications and data sources within it. Further, the granular controls within NAC make it possible for a user to gain access only to very specific information within a database, but be blocked from seeing anything else in that database.
Here are some of the top trends in network access control:
1. IT/OT convergence
IT deals with information technology matters related to on-premises and cloud infrastructure. Operating systems, applications, networking, compute power, storage, IT security – all fall under the IT umbrella.
OT stands for operational technology. It includes systems used in industrial settings, building systems, and other non-IT settings. Examples are supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs), manufacturing assembly line systems, robotic control systems, heating and air conditioning, and more. Internet of Things (IoT) devices and sensors are also heavily deployed on OT infrastructure.
“The convergence of OT with Network Access Control (NAC) is unlocking new opportunities for IT teams,” said Peter Newton, Senior Director of Products and Solutions, IoT and OT, at Fortinet. “The explosion of IoT devices in recent years has introduced new cyber risks by expanding the attack surface, especially as more businesses converge their IT and OT networks to utilize connected devices.”
Companies like Fortinet are responding to the need for security solutions that encompass both IT and OT networks by bringing integrated NAC solutions to market.
2. On-site maintenance
As those on the OT side are less familiar with IT systems – yet are hurting badly due to cybercriminals increasingly targeting their assets – Newton predicts that more OEMs and other trusted third parties will visit industrial asset owners to do on-site maintenance of their industrial control systems as well as their OT environments.
“NAC can help control what networks those third-party laptops can access, in order to keep data and devices safe,” said Newton. “With the convergence of IT and OT networks, NAC can serve as a secure and automated solution to offer greater visibility across the entire network, while also making it easier for IT teams to onboard new technologies, by reducing the manual work, time and costs required.”
3. SME rollout
NAC has traditionally been regarded as a technology solution for large enterprises with thousands of users. Managing the tangle of access controls for such a large network is a task that badly needs the automated policy-based functionality of NAC. Over time, NAC systems have been moving downmarket. It is now quite common for midsized organizations to deploy them, and small and mid-sized enterprises (SMEs) are next.
“Currently, NAC security is most commonly used by large corporate networks and is often considered too expensive and complex for smaller organizations,” said Newton. “However, a new generation of modern, converged NAC tools have proven useful for reducing these costs and complexities. These tools allow NAC policies to interoperate directly with the network infrastructure, and also simplify the IoT onboarding process by offering a single, accurate inventory of all connected devices.”
4. MFA and biometrics
Employees have shifted from working in office buildings to working anywhere, using any device to access the corporate network. That shift makes it far harder for organizations to ensure network security and compliance. NAC plays a crucial role in minimizing security risks while maintaining flexibility.
According to Edward Qin, Chief Product Officer at Algoblu, NAC is now incorporating even more safeguards to ensure security. Multi-factor authentication (MFA), for example, adds extra protection for users. As Single Sign-On (SSO) is popular today, the breach of one credential will compromise all other related accounts. Biometric authentication, too, is being increasingly incorporated into NAC offerings. Fingerprint, facial, and iris biometrics can bring convenience and security to improve user experience significantly.
Qin added that zero-trust network access and cloud-based access control are being introduced into NAC solutions, as they allow a more sophisticated authentication policy that controls access to content and applications on an individual basis.
“Cloud-based access control can easily integrate with different security products and manage various sites in one centralized place,” said Qin. “It provides operational efficiency and scales the resources at need.”
5. Conditional access
Denis O’Shea, founder of Mobile Mentor, revealed that 68% of Microsoft customers are not yet leveraging conditional access policies. These policies are included in all Microsoft 365 licenses and are the centerpiece of any Zero Trust deployment. Many administrators, therefore, don’t need to pay more or add more solutions to improve network access security. They just need to turn on these features and improve the scope of their zero trust efforts.
“A zero trust architecture is simply the most effective approach to securing your environment,” said O’Shea.