CIOs seek out NAC on the net

One of the more interesting high-wire acts in the enterprise IT space is how CIOs manage the tension between opening their networks to mobile workers, customers, partners and suppliers, and securing the integrity of their information resources. Network access control, or NAC, is emerging as an interesting topic of discussion in IT, because of its promise of introducing some measure of order in the chaos that is the extended enterprise. NAC is the process whereby devices are checked for security risks prior to admission onto a network. A survey conducted by ComputerWorld shows that there is still a gap between discussion and implementation of this technology. Only about 14 percent of respondents said that they apply endpoint checks for application and operating system patching; the presence of firewalls or anti-virus or anti-spyware tools; USB-attached devices; and password strength. Cost and complexity account for most of the gap between the level of checking desired and the level of checking actually implemented. 

For more on the NAC report:
- read the article in Computerworld