#WeekendWisdom 009 Network Segmentation

Welcome to #WeekendWisdom number 9. This week we’re going to talk about network segmentation.

What risks does this address?

Before I talk about what network segmentation is and how you can achieve it, I just want to touch on some of the risks that it helps mitigate against.

Back in May 2017, the world woke up to something called a Ransomware Worm, which was known as WannaCry. And WannCry became famous because it infected machines in organisations all across the globe. Most notably the UK’s National Health Service. What happened was it got on to a machine in one of those locations, infected it and was able to look across all of what we call a “Flat” network. It was able to see all these other machines around the globe. It then spread to each of these machines and infect them if they were vulnerable.

So that’s the type of thing we are trying to protect against.

Ways to do Network Segmentation:

So if you have an organisation, let’s say like the NHS, they have a lot of locations around the UK, they might consider segmenting their network into regional, or geographical regions. These could be London, South England, Wales, North England, Scotland, Northern Ireland. These are then put into separate segments. If one segment gets infected, the other regions will not be affected. This is because any hacking that is going on in that one region won’t be able to get out of that region, if it’s configured correctly.

Or you might do it by technology. You might want to put all your printers on one segment of the network, your laptops and desktops on another segment, your VoIP phones on another segment and your smart devices, your IoT equipment on a completely separate segment as well. Thus if one type of technology was compromised, the others will not be affected by it. So you would be able to continue to make phone calls for instance.

It’s a fairly technical thing to set up.  You should talk to your IT Department or IT support provider to help set it up. If you are a middling to large organisation it is really worth it.

That’s it for this week.

Let’s be careful out there and we’ll talk to you again next week.

www.L2CyberSecurity.com

www.twitter.com/L2Cyber