|
Technical Solutions
There are significant benefits to leveraging controls over network facilities. Pershing's Kennedy recommends organizations create a virtual desktop environment via remote access in order to limit and control contractor activities on the network. Such a system is an extension of the concept of role-based access control, he says.
The marketplace has provided a range of tools to help tackle the challenge of managing contractor activities on the network and protect intellectual property. For example, network access control (NAC) products like CounterACT by ForeScout Technologies provide capabilities that can help control contractor access while giving them the freedom needed to complete assignments. CounterACT operates without a software agent to let administrators create a virtual visitor network without adding infrastructure. CounterACT can quarantine users and limit their access to a defined set of services, such as outbound Internet access.
Similarly, Symantec's Network Access Control provides capabilities to block or quarantine users on the network, and performs host integrity checking to verify patch levels and antivirus updates. Other NAC products include F5 Networks' FirePass, and StillSecure's Safe Access.
Meanwhile, data leakage prevention tools such as Tablus' Content Alarm suite can help an organization control sensitive files. Content Alarm allows users to establish policies to identify sensitive data files and designate them as "private" to prevent them from being copied or printed. This is a valuable control to prevent contractors from copying data to USB flash drives and other portable media that can be easily lost or stolen. Content Alarm can also automatically encrypt private files when they are sent via email.
Other vendors in the data leak prevention market include PortAuthority Technologies (acquired earlier this year by Websense), which offers software and appliances that control data on workstations and hosts, data in transit, and controls copying to external media including USB flash drives.
However, the solution to contractor security is probably going to require more than technology for most organizations. Meholic of BSC Services warns, "No matter what the problem is within information security, never rely solely on the technology. You need policies and procedures for verification, and notification of attempts to circumvent security."
|
