Granted, few companies, compared to all companies, need to run highly secure facilities. Doing so is unnecessary and cost-prohibitive. Many companies' goals may be more modest. They simply want to control guests accessing the network. Regardless, before embarking on a NAC deployment, spend the time thinking through all the requirements and processes that you will need to enable your goals.
If your goal is to treat guests differently from employees, then how will you determine a guest user or computer from a company-owned asset? How will a guest be authorized to get a pass onto the network, and who is responsible for doing that? If your goal is more fine-grained access control, perhaps determining access based on a user role or group membership, then where is that information stored, who is responsible for defining who is a member of each group, and what will you do about conflicts that occur when a user is a member of two potentially conflicting groups? It all comes down to defining a process, educating people about the process, and then implementing a product that supports your process.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
