Some companies I know are requiring that laptop computers be scanned before use (another impossible task). Others are attempting to use personal firewalls on laptops to prevent worms from leaving infected computers.
I don't know of a 100% sure technical control. (How can you prevent the laptop user from finding a network port and plugging in his laptop?) We've spent decades getting wired access everywhere, but how much of it do we really control? But one idea floating around is to require any new connection to the network to be authenticated and screened for adherence to security policy, just like we require external access to be screened. The security policy may include personal firewall, antiviral, etc.
Dig deeper on Network intrusion detection and prevention and malware removal
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.