by Neil MacDonald | March 9, 2011 | Comments Off on NAC, DLP and Application Control: It’s About the Visibility, not the Control
Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years.
Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed blocking guest machines that didn’t conform to enterprise policy (patch and so on) from gaining access to the network. With DLP, this entailed blocking the leakage of sensitive data from the enterprise network or an enterprise endpoint. With application control (aka whitelisiting), the goal was to block unauthorized applications from running on enterprise endpoints.
Blocking is easy. Blocking bad things without getting in the way of our users doing good things proved to be much, much harder. We inadvertently got in the way of good people getting their jobs done.
I’ve seen a shift in focus in each of these technologies from “blocking” to “monitoring” to provide visibility and intelligence as to what is actually taking place on our IT infrastructure.
NAC becomes network access intelligence, helping us to understand what devices are connecting to my network.
DLP becomes data lifecycle intelligence, helping us to understand where sensitive information is created and how it flows throughout the systems and people in my organization.
Application Control becomes application intelligence, helping us to understand what applications people are really using and how end users are extending their workspaces in ways that IT can’t pre-anticipate.
In all these cases, blocking only takes place after we have a good understanding of what devices, applications and information our people, systems and processes are using.
Blocking is not the goal, intelligence is.
Blocking is a blunt instrument to be used only after we’ve got good insight into how the 99% of employees just trying to get their job done are actually working.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Category: beyond-anti-virus endpoint-protection-platform security-intelligence
Tags: beyond-anti-virus endpoint-protection-platform information-security next-generation-security-infrastructure whitelisting
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.