Microsegmentation, security and your network

Microsegmentation, Network SecuritySecurity is a major concern for IT practitioners everywhere. And with the expansion of the internet of things (IoT), the landscape can seem unwieldy, fragmented and ripe for malicious exploitation as ever. The upside to the data breaches making the headlines is that IT teams have heightened awareness of the potential risks and are exploring different ways to safeguard customer data. One layer of many security approaches is to build walls and segment various parts of infrastructure, especially in light of the amount of time hackers have been able to lurk on systems and invade more territory.

One approach is to use microsegmentation to ensure the right person accesses the right information from the correct device, restricting the spread of vulnerabilities to other parts of the system. There are a few applications where microsegmentation helps decrease vulnerabilities. Healthcare organizations have to be particularly controlled to preserve patient confidentiality, adhere to HIPAA requirements and maintain compliance. Additionally, as caregivers and healthcare tech spreads across IoT, the security guardrails have to grow to match.

For example, a doctor may coordinate a patient’s care through email, file attachments, and other various communication. If she’s reviewing patient files, microsegmentation can help obscure or restrict access if she’s reviewing them while attending her child’s soccer game versus her office at the hospital. As another example, an on-call nurse may have administrator privileges at one hospital, but microsegmentation would limit her access accordingly if she attempts to access the same intra-hospital platform from a different hospital or shift.

Since these permissions rely on internal communications, IT teams can take multiple approaches for segmenting their internal systems. However, walling the various networks and infrastructure can introduce additional complexity and risk. Enterprises have already started to take advantage of microsegmentation and implementing varying permissions with approaches like Cisco ACI. With this infrastructure, teams can automatically assign security according to zones and endpoint groups based on certain aspects. For example, if your team identified a vulnerability in a recent OS update, you could decide to quarantine machines running that version in case they had been compromised. Once IT is able to upgrade the machines, they’ll automatically no longer be part of the quarantine.

Ready to learn more about how KeyInfo and microsegmentation can increase your security? Contact us.

Drew W.
Key Information Systems