Some analysts predict that within the next five years, 30 percent of workers in developed economies will be telecommuting to work; software company Intuit predicts that by 2020, more than 40 percent of US workers will be contractors and contingent workers. Layered mobile network security and network access control is crucial to securing today's workforce from cyber threats.
Let’s be honest: who doesn’t love the idea of working from home? While telecommuting isn’t suitable for everyone or every industry, modern technology has enabled many organizations to shift some, if not all, of their labor resources to a remote workforce model; instead of centralizing work in brick-and-mortar offices, workers are connected remotely via the Internet.
From a CFO’s perspective, a remote workforce offers attractive financial benefits, including the potential for increased efficiency, lower labor costs, improved worker satisfaction, and the opportunity for companies to sell themselves as flexible employers. Some industries even require remote access to corporate networks, particularly in certain types of manufacturing where third-party vendors must remotely monitor and control production systems. Even the U.S. government has acknowledged the financial benefits of remote workforces; during four official snow days several years ago, federal employees who telecommuted instead of coming into the office saved an estimated $32 million, according to the New York Times.
Despite the benefits, there are also significant drawbacks to consider. For a CIO or IT manager, allowing employees to remotely connect to corporate networks– either through intranets, email servers, or other access points– raises serious data security concerns, as allowing unchecked devices and users to connect to a network can expose corporate data to attack. These concerns demand, at the very least, investments in layered security systems including a Network Access Control (NAC) solution.
So what is Network Access Control, and why is it so important? NAC is a core part of what is called “endpoint security,” which protects corporate networks from infection or attack when bridged to remote devices, most commonly through Virtual Private Network (VPN) connections. Leading NAC solutions provider Symantec defines NAC as “managing tools and technologies that control which hardware devices can access your network resources – and creating network protection controls to comply with enterprise security policies.” In other words, NAC acts as a vigilant gatekeeper to your network, ensuring devices requesting to connect are in compliance and maintaining control over user accessibility once admitted.
To illustrate, picture an airlock on a space ship, an astronaut must pass through two airlock doors before he is allowed to enter his shelter. NACs perform a similar function in network security; before a device is allowed to connect to a network, the NAC scans the device to ensure it is in compliance with the network’s data security protocols, including making sure the antivirus is up-to-date. Once the connecting device passes this initial pre-screen, the NAC retains control over what the user can access on the network, and continues monitoring the user throughout their connection.
The idea seems pretty straightforward, right? Well, NAC is expensive. According to Rob Whiteley, a senior analyst at Forrester’s, in 2006 the cost of implementing NAC ranged anywhere from $100,000 to $1,000,000 and took around 18 months to complete. Since then, traditional methods have given way to the advent of cloud computing, which experts say have made “traditional methods of access [to internal resources and data like NAC] … more costly, complex, and generally carry more risk.”
All of this is to say: whether your business is large or small, data security matters. While many industries may be shifting toward a remote workforce model, deciding whether to allow your employees and vendors access to your network is a major business decision with serious financial and technology implications, one which demands input from leaders at every level of your enterprise, from the C-Suite to IT. To learn more about NAC and the layered security model, download our new eBook below.