DARKReading published a blog post on network segmentation, calling it “a fire code for network security”. How so? The article points out that after the Chicago fire of 1871 when fire was able to jump from one building to the next, fire codes were implemented to use flame resistant materials and increase the space between buildings – effectively segmenting to prevent the rapid spread of flames.
We often see flat networks where there is no segmentation in place. The justification is usually that all staff need access to everything, it’s not worth the trouble to segment, or the network just grew organically. The problem is just like with the illustration of the fire spreading from building to building, if an attacker accesses the network, they have access to everything.
Segmenting your network can increase your cybersecurity by enforcing policy, restricting access, and decreasing your attack surface. Even if you are breached, proper segmentation can be very effective against a rampant spread. So read the full post and consider implementing this “fire code” in your own network.
