- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Cosmetics company Estee Lauder is relying in part on NAC technology to meet regulations imposed on it by the payment card industry (PCI) and the Sarbanes-Oxley law.
Specifically, the $7 billion firm with more than 25,000 employees worldwide is using the security technology to meet PCI requirements to regularly update antivirus software and to develop and maintain secure systems and applications.
The company also faces Sarbanes-Oxley requirements that call for verification of policies, access-control assessment, audit capabilities and mitigation of shortcomings based on risk profiles, says Les Correia, senior manager of global enterprise security for the company.
In addition, Estee Lauder is in the midst of an internal initiative to increase the security posture of the Estee Lauder network as a whole. The company has more than a dozen network hubs worldwide that includes divisions acquired from other companies. These hubs had been allowed to run their networks as they saw fit, but now corporate security standards are being imposed, and NAC is playing its role, Correia says.
"We've got a whole bunch of consultants coming in and out and retail stores, people in the field," he says. "We wanted to better manage our security posture."
That concern led the company to buy StillSecure Safe Access NAC gear in 2006. Last year the company reevaluated Safe Access against Cisco and Bradford NAC gear as it launched its global security upgrade. Ultimately, it decided to stick with Still Secure without testing equipment from the other two vendors, Correia says. (Compare NAC products.)
“We were familiar with the vendor. We knew how nimble they were,” he says, and Estee Lauder had done a bakeoff comparing different vendors' NAC gear before its initial buy.
Upgrades in the meantime gave Safe Access more centralized management tools and a way to assign different management rights to different IT groups - those who can set the NAC policies, those who do help desk work, security administrators.
The company is considering use of 802.1x authentication in parts of its network and liked that StillSecure supports the technology as an enforcement mechanism, Correia says.
Safe Access checks whether machines have critical operating system updates as well as antivirus software that is turned on and updated to meet standards.
Rss FeedRss Feed
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...
Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment