For any business owner the only thing worse than compliance with Government regulations is non compliance with Government regulations.  No matter what your business is, to realistically and correctly assess the security needs of your network you must know the exact number of active systems on your network.  ‘Approximately’ between 1,000 to 2,000’ is not an answer. If you don’t know the exact number your network cannot be under your control nor in compliance! Fact is that keeping track of any number of valid systems within the mandatory guidelines of the Documented Regulatory Compliance, has grown in the past decade into paralyzing and business debilitating proportions.

At access layers we came to the realization that IP security is in eventuality a layer of network management. Fact is, that ONLY if you can count, control and document all the elements on your network – you can totally secure and keep it in documented compliance with even the stringent Government Compliance Regulations.  It is completely obvious that only when you manage to authenticate ALL your IP network members, you are able to implement the correct security policy for your organization in full compliance with the applicable regulations.

Some of the regulations can be addressed by selecting and implementing compliant equipment.
Fact is that the majority of this equipment is operational in nature, meaning that to ensure compliance you need to pay disproportionate attention to how your IP communications system is designed. In addition, when the equipment is ‘live’ and in line, you have to pay detailed attention to how the business organization and the IT operation are using the equipment. As the networks grow in complexity they are increasingly affected by the avalanche of compliance regulations meant to protect the data and reducing the threats.

A key element in satisfying the Government Regulatory Compliance Policy is that of Documentation. Documenting compliance with regulations such as Sarbanes Oxley, SAS 70, GLBA, HIPAA, FISMA, CALEA, the PCI Data Security Standard to name a few, has become extremely important in preventing unnecessary audits, network down time and the resolution of adherence to regulation issues.*

Most network professionals have come to accept the issues and practice of compliance as key elements in their approach to IT security.  These professionals constantly seek the most effective means to ensure that the network policies and procedures conform to the web of the various regulatory requirements. In their quest, Administrators must do all to cover ‘all bases’, establish correct policies and dictates, provide authentication and legitimate IP access control to the network, audit and document the usage of the system by members and guests and resolve security incidents rapidly and effectively. Obviously they and their enterprise are facing an overwhelming task.

This challenging and dynamic landscape with its need of comprehensive access control solutions is effectively and successfully answered by access layers.  access layers addresses this dynamic landscape with its access control solution that leverages existing network infrastructure to drive IP device authentication and authorization, end point compliance and policy enforcement and documentation throughout the network’s every single access point (port). In addition to managing these universal challenges, the access layers solution is designed to automate key, industry specific requirements.  The access layers solution provides our customers with the flexibility to meet the individual market challenges across numerous vertical markets.

The access layers solution umbrella covers:

• Controls access to sensitive and confidential data
• Guards and minimizes network threats
• Monitors effectiveness of security policies
• Guards against viruses and spy ware on IP devices
• Prevents illegitimate and illegal access activities
• Manages network access by: Identity, Location, Time, Physical presence
• Ensures a secure access for information
• Controls access to electronic sensitive and personal data
• Balances user’s need with the data protection requirements
• Obtains initial and updated registered location information

Beyond the enterprise’s internal security policies, complying with the above requirements comprises much of the administrators duties. portnox™ puts you in compliance and lets you prove it by documentation at your finger tips. Be it a device configuration standards, verification of patch installation, control of unauthorized access, management of daily automated security processes or, ensuring device security parameters, portnox™ puts you in compliance and lets you prove it. portnox™ applies a comprehensive set of policy compliance tests to end points through Windows, Linux, Unix & Mac devices requiring access to the network. The flexible authentication methods and the unlimited ‘authorization checks’ options offered by portnox™ provide the administrator the ability to ‘cover all bases’ and prove it.

In addition to the constant additions of new authentication methods to the portnox™ framework, the administrator can easily create and customize checks to meet organization specific needs and policy changes. For additional information on how portnox™ can work for you, to answer any questions you might have regarding the product and /or service or, just to extinguish your doubts about portnox, contact one of our partners.

* Always consult experienced legal counsel for legal advice with regulatory issues
   that could materially affect the organization.