topic Internal Security Zones in Tech Talk

Internal Security Zones

denbesten — Mon, 17 Sep 2018 15:55:24 GMT

I'm looking for strategies to convince middle-management to invest in preventing lateral movement within our network, starting within our data center(s) and IAAS providers, and eventually extending to our manufacturing and office facilities.

The anecdotal stories (Target, Equifax, etc) resonate with the techies, but I am looking things that are a bit more management-ready. For example, best practice documents, comparative peer-surveys, pending or existing legislative requirements, etc. My basic thought is to somehow demonstrate that the ground has shifted such that isolated security zones are now the basic standard-of-care and must become a financial priority.

Any ideas appreciated.

If I could find something like the PCI and HIPPA requirements that applies to Manufacturing, I would be all set. Alas, that

Re: Internal Security Zones

vt100 — Tue, 18 Sep 2018 00:46:45 GMT

In my opinion, you cannot do better than Guardicore for microsegmentation and common security policy enforcement across hybrid infrastructure.

You'll get the lateral threat protection and much more with their Centra product.

If you are strictly a Linux shop, Aporeto is another contender.

Re: Internal Security Zones

CraginS — Wed, 19 Sep 2018 10:42:20 GMT

@denbesten wrote:
I'm looking for strategies to convince middle-management to invest in preventing lateral movement within our network, starting within our data center(s) and IAAS providers, and eventually extending to our manufacturing and office facilities.

Consider using physical world analogies as you tell your story. Ask if in the company's loading dock workers can wander into the HR and or Finance offices and rummage through the file drawers whenever they like. Ask if they have any work spaces for sensitive information that have locked doors or cabinets; if so, ask why.