Everybody knows the history of the Titanic: darkness, an iceberg and not enough safety systems to save the ship from sinking.
In principle, it can be said that the Titanic’s sinking was not primarily due to the Titanic being cut open by the iceberg. It was because the Titanic did not have enough closable chambers, which made it impossible for the water to enter and spread.
But what does this have to do with the security of your network?
Imagine you divide your network into different, independent chambers which, when attacked and infested, do not jump to other areas of your network. This would mean that the damage would be kept to a minimum. For example, you can do this through a port-based Network Access Control (NAC) that allows you to be proactive rather than reactive.
There are two advantages to this:
- First, NAC helps you set up separate areas for personal devices such as laptops and smartphones for employees or freelancers. This saves you the headaches that the BYOD concept might have caused you. The company’s own devices, on the other hand, can be granted more comprehensive access, which can be released with a “certificate”.
- Secondly, it is possible to grant access to a specific area or section depending on the user role. For example, CFOs can gain access to financial systems while administrative staff are denied access. All users are automatically authenticated, authorized and captured by the NAC solution, so no one ends up in the wrong area or section.
Of course, even with a NAC solution, it’s important to have other security measures in place, such as water pumps, in this case virus scanners, to prevent your ship from sinking. But if we assume that we only have the NAC solution, we could be sure that only a single area could be infected in the event of an attack.
If you want to turn your simple Titanic into an unsinkable ship, talk to us! Get more information in our free whitepaper!