The rapid adoption of BYOD has led to an explosion of personally owned mobile devices connecting to business networks. This has significantly expanded the attack surface for most networks, and made it much harder to protect company networks from possible cyber threats. IT staff continually face the challenge of providing network access to unmanaged devices. In addition, the increased use of mobile devices and the plethora of applications running on them create a challenge for an organization to provide access to corporate resources while maintaining security needs to mitigate cyber threats. This challenge is exacerbated by the growth of new Internet of Things (IoT) devices connecting to the enterprise networks.
In light of these trends, end-to-end network visibility has become a critical element of a comprehensive security posture. Since it’s not possible to protect what cannot be seen, a key first step is to identify and profile every single trusted and untrusted device on the network for appropriate network access. Device trust can be established based on a number of factors, such as the type of device, presence of certain applications and the profile of the device owner.
Lack of knowledge of device ownership leaves a gaping hole in the contextual information that’s necessary to define network access polices. Identification of every single user on the network is critical to segmenting the network and securing access to sensitive corporate assets from unauthorized access.