Why you should be thinking about Micro Segmentation

Micro segmentation is a phrase that’s been bouncing around the industry for a while now & I can understand why the non technical and even the technical could easily get confused.

It aligns with Zero Trust, another industry term that’s incredibly important but gets thrown around a lot without much explanation of what it is and how it’s used and implemented. As with Zero Trust, Micro segmentation is a journey & although it could look complicated, it doesn’t need to be with the right processes and consultancy.

Security is done in layers, with each layer making it slightly harder for anyone that wants to get into your environment so that it’s not worth their time.

Micro-segmentation is a way to improve security in a computer network by breaking it into smaller, more manageable parts. Think of it like dividing a house into rooms and locking each door, so if a burglar gets in, they can’t easily move around. In the same way, micro-segmentation helps stop cyber attackers from moving freely through a company’s systems. It allows businesses to control who can access what, making it harder for threats to spread. This extra layer of protection helps keep important data safe and reduces the impact if something does go wrong.

It isolates machines from each other, applications from each other & networks from each other. It makes it harder to move around your environment & makes it easier to isolate devices that have been compromised.

An attacker might access an OT Device like a camera (or in one case a fish tank thermometer) , however they won’t be able to then take that and move across to a workstation or server. Or they might get access to a Laptop & stop the EDR but will be immediately unable to move across to a server as even the legitimate user of that laptop isn’t able to access servers directly.