As technology evolves, more and more defense techniques are brought forth in the eternal battlefield that is the Internet. From Firewalls to Intrusion Detection and Prevention Systems, a relatively new concept comes in: Endpoint Enforcement through Network Access Control Systems.
NAC solutions, when well implemented, enable an organization to regain control of its network by setting up policies to allow or restrict access. Cisco Network Admission Control and Microsoft Network Access Protection are two example solutions, but there are scores of them out in the market from other vendors (Symantec. McAfee, etc.)
NAC solutions have evolved and reached such a maturity level that most companies and organizations should definitely integrate them in their environment.
However, despite these technological advancements, it is still down to the user (the weakest link of the security chain). Companies should devote more resources to improve information security awareness within the employee base. Experience has proven that just simply having the employee read and sign an information security policy to which they’re suppose to comply to isn’t paying. It’s similar to civil or criminal law; people are aware of its existence, but most definitely don’t give much attention to it.(that it until they get caught up).
As such, in this eternal battle of technology against human attitude, the winner is already known!