You’ve probably heard about microsegmentation, a security strategy that’s making waves in enterprise data centers and the cloud. But if you’re a bit lost on all the details, you’re not alone. Let’s break down the must-have information on this powerful tool that reduces the risk of cyberattacks, and understand why Gartner named microsegmentation in their top 10 security projects. (For more information, see our Guide to Microsegmentation.)
Why Do We Need Microsegmentation?
Historically, network security was focused on a company’s external perimeter, stopping attacks moving North-South, in and out of an enterprise network. That was fine for traditional data centers with flat networks, but today’s modern systems are very different. The digital transformation has meant that now as much as 85% of traffic is actually moving East-West, inside the data center. Whether this is IoT traffic in the healthcare industry, SaaS in the financial world, or simply enterprises embracing work from home and mobile apps, this immense amount of internal traffic needs better security controls than the legacy firewall can provide. The perimeter as we knew it has all but disappeared.
Instead, microsegmentation technology creates micro-perimeters, containing users, workloads, applications, and data in segments that stay protected even if the worst happens and an attacker makes it inside your data center, or is invited in unawares.
What Do Organizations Use Microsegmentation for?
As a broad risk reduction strategy, microsegmentation has a wide variety of use cases, but here are some of the most popular.
Environmental Network Segmentation:
Businesses can separate high-risk areas from low-value environments; for example, production can be separated from development. This reduces the attack surface and is a basic best practice that any organization should have on its roadmap. The segmentation creates secure zones in cloud environments, the hybrid cloud, or an on-premises data center.
According to most regulatory compliance mandates, your organization is responsible for proving that your sensitive information is segmented and isolated from any potential attack. For financial organizations it’s PCI-DSS, for healthcare it’s HIPAA, and for anyone who handles EU data, it’s GDPR. Microsegmentation allows you to segment what’s in scope, proving that you’re compliant in case of an incident or an audit.
User-identity access management:
Strong microsegmentation tools will allow you to create isolated user sessions and secure them individually, so that any stakeholder can access what they need and no further, minimizing the network attack surface. This strategy applies the principle of least privilege, or a zero trust security model. In case of credential theft, the attacker will be limited to what those credentials can access, and will be unable to escalate privileges or move laterally to sensitive assets or ‘digital crown jewels’.
It Starts with the Map
These benefits are all possible by adopting intelligent microsegmentation technology, but before you begin, you need an accurate and real-time map of your whole ecosystem, from end to end. After all, how can you secure what you can’t visualize?
First, make sure that your visibility tool is platform-independent, and doesn’t limit you to a templatized system or any particular OS or hardware. Today’s enterprise environments usually straddle a hybrid mix of on-premises and legacy, SaaS and cloud, and future-focused technology such as container systems or microservices. The best partners in your microsegmentation journey will be able to perform equally well on all channels, providing visibility with zero blind spots.
Next, think about wire data. This is the smartest way of mapping your network, identifying everything with an IP address, and filling in the gaps by gleaning insight from load balancers or using orchestration data from AWS and other providers. Any solution that uses agents won’t be lightweight and simple to onboard and may have an impact on performance that isn’t worth the hassle.
Lastly, it’s essential that you have a view not just of everything in your environment, but also of the application dependencies between different assets. Without a view of application dependencies, how can you know what impact a change such as microsegmentation, which limits communication and flows, will have on your ecosystem? The last thing you need is to tighten security at the risk of breaking business-critical systems and operations without first understanding the risks involved.
In contrast, a visibility solution that provides all dependencies does much more than native cloud solutions can. For example, it provides a full-stack view of your whole network and gives you the insight you need to plan policy intelligently without blind spots or guesswork.
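An added example, not code from the page or from Faddom, of why the dependency map has to come before policy: it takes a constructed asset inventory, constructed East-West flows of the kind wire data would yield, and a proposed production/development isolation policy (the use case from the Environmental Network Segmentation section), and reports which observed dependencies that policy would break before anything is enforced.

```python
# Added example (not Faddom's code): simulate the impact of a proposed
# microsegmentation policy on observed flows before enforcing it.
# Inventory, flows and policy below are all constructed for illustration.

# Constructed inventory: asset IP -> (name, environment), as a dependency map would hold.
ASSETS = {
    "10.0.1.10": ("web-prod", "production"),
    "10.0.1.20": ("db-prod", "production"),
    "10.0.2.10": ("web-dev", "development"),
    "10.0.2.20": ("db-dev", "development"),
    "10.0.3.5": ("ci-runner", "development"),
}

# Constructed flows observed on the wire: (src_ip, dst_ip, dst_port, bytes seen).
FLOWS = [
    ("10.0.1.10", "10.0.1.20", 5432, 9_800_000),  # prod web -> prod DB (expected)
    ("10.0.2.10", "10.0.2.20", 5432, 120_000),    # dev web -> dev DB (expected)
    ("10.0.3.5", "10.0.1.20", 5432, 45_000),      # dev CI reading the prod DB
    ("10.0.2.10", "10.0.1.10", 443, 2_000),       # dev web calling the prod API
    ("10.0.1.10", "10.0.2.10", 443, 500),         # prod calling dev (unexpected)
]

# Proposed policy: first matching rule wins; "*" matches any env or port.
POLICY = [
    ("development", "production", "*", "deny"),
    ("production", "development", "*", "deny"),
    ("*", "*", "*", "allow"),
]

def decide(src_env, dst_env, port):
    """Return the policy action for one flow; deny if no rule matches."""
    for s, d, p, action in POLICY:
        if s in ("*", src_env) and d in ("*", dst_env) and p in ("*", port):
            return action
    return "deny"

def impact_report(flows=FLOWS, assets=ASSETS):
    """List observed dependencies the policy would block, largest first."""
    broken = []
    for src, dst, port, nbytes in flows:
        src_name, src_env = assets.get(src, (src, "unknown"))
        dst_name, dst_env = assets.get(dst, (dst, "unknown"))
        if decide(src_env, dst_env, port) == "deny":
            broken.append((src_name, dst_name, port, nbytes))
    return sorted(broken, key=lambda b: -b[3])

if __name__ == "__main__":
    for src, dst, port, nbytes in impact_report():
        print(f"would break: {src} -> {dst}:{port} ({nbytes} bytes observed)")
```

Each reported line is a dependency to investigate with its owner before the rule ships: either the flow is a legitimate cross-environment need that gets an explicit allow, or it is exactly the kind of East-West path the segmentation is meant to close.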
Powerful Risk Reduction starts with Incisive Visibility
Microsegmentation is more than just an exciting buzzword; it’s an important strategy for any business. But take a step back before you rush into policy creation. When microsegmentation technology is implemented correctly, it can have wide-reaching benefits for the security posture of your enterprise, offering seamless compliance and best practices at the workload level. To make this happen, you need to add visibility early and continuously throughout the project, accurately identifying your critical assets and sensitive data, and understanding at a glance the impact of policy across a heterogeneous environment.
Want to learn more about Faddom’s approach to microsegmentation? Read the white paper.