Let’s talk network segmentation. In this brief video, I’ll explain network segmentation from a hacker’s point of view and show you more ways it can protect your company. The bottom line is that separating your cattle, horses, and pigs makes it much easier to keep the wolves away.
At a very basic level, network segmentation is like keeping your cattle in the pasture, your horses in the stable, and your pigs in the pen. In this case, the various animals might represent different business groups, geographic areas, and/or device types.
The idea is that you’re slicing your network into smaller, more manageable groups of users and/or devices. And there are lots of good reasons why you should: Network segmentation can be used to optimize network traffic or improve network performance. Properly implemented, it also can facilitate effective monitoring, inform compliance requirements, and better contain network issues when they arise.
But one of the most important reasons, in my view, is that a segmented network can be far more secure.
As an example, IP telephony systems often use standard network protocols. Comparatively speaking, it’s easier to gain access to a phone than it is a network jack. If the phone network isn’t properly segmented from the production network, a hacker might use it as a bridgehead to access more sensitive network resources. Security concerns aside, IP telephony is also sensitive to latency. Having it segmented from high-traffic systems minimizes congestion and increases its reliability.
Improper or non-existent network segmentation is just one of the most common vulnerabilities our team has seen regularly over the course of thousands of penetration tests. For some other frequent missteps we find, check out these videos and subscribe to our channel.
Ready to find out how secure your network really is? Reach out to us and let’s discuss your needs and how we can help.
Download our list of Top 10 Cyber Attacks to learn more about ways to secure your company.
Want to learn more? Take a look at the next part of our Common Vulnerabilities discussion.