An employee gets an email that says their invoice is attached. Opening the attachment downloads a computer virus that encrypts the files on their computer in seconds. The virus spreads to other computers in the company and soon the entire network is taken down and a cyber-criminal is demanding a hefty ransom in return for the encryption key that’s required to release the data.
这就是网络专家所说的——寒冷、黑暗的一天. 这一天你会遭遇网络攻击.
While cyber-attacks like this ransomware scenario can happen quickly, these days it’s more common for the bad guys to take their time lurking around a network in order to get to a bigger target. 事实上, IBM报告 found that the average time to identify a breach in 2020 was 228 days.
那是很多时间来挑选账户凭证, and wiggle into the networks of your customers and vendors. 所以如果入侵者有可能是 在你的社交圈里不被发现地转了好几个月 and you won’t know it until they make their big strike, you need to do something different.
What you need is a layer in your security strategy that limits lateral movement through your network. Limiting movement limits the potential damage that a cyber intruder can do, and 网络市场细分 澳门赌场网址大全策略能帮助你做到这一点吗.
什么是网络分段?
Network segmentation is the practice of dividing your corporate network into a series of smaller networks so that people and systems only have access to what they need. It’s one of the tactics used in a Zero Trust approach to cybersecurity strategy.
If you have separate Wifi access for guests so that they can only get to the internet, 而不是你的公司文件, 你已经在练习网络分段了. You also might have your backup files separated from your main network too. There’s more that you can and should do with 网络市场细分, 然而, 阻止入侵者的踪迹.
如何实现网络分段
作为商业领袖或经理, you don’t need to know the technical details of how to segment a network, but you may need to participate in the planning process so that the segmentation makes sense for your business operations. 然而, a large part of 网络市场细分 is deciding what network traffic is allowed and what is not and that gets into the technical weeds pretty fast.
例如, all of the workstations need to connect to the file server for file serving and nothing else. 同样的, they can connect to the domain controller for the permissions they need and nothing else.
经过信息收集过程, a network architect will create a segmentation plan that takes into account all of your devices and cloud connections, 以及所有组织和指挥交通的港口, 把它们分成几个部分.
The result is that if an employee inadvertently clicks on a phishing email that unloads malware, the infection can’t travel and the damage is contained. 另外, you’ll be controlling internal access to network locations on a need basis, 这就降低了内部威胁的风险.
对远程工作人员和连接设备的影响
If you have all or some of your employees working from home, then your network is spread out to every individual location. Whether you’re using SSL or VPN you still need to think about what data employees can access.
如果是VPN, make sure that the employee can get to their remote desktop but not the whole network so that you’re not inadvertently opening up a connection between the employee’s home network and yours.
同样的, consider other equipment that you might have connected to the internet – security cameras, 环境控制, 机械, 和设备. Security standards for these Internet of Things (IoT) devices are sketchy at best, so using 网络市场细分 to separate these connections is a best practice that you should start.
迈向零信任
The Zero Trust approach to cybersecurity assumes that an intruder is present. Don’t give them an open invitation to damage and steal your data and exploit your connections by having an open network. 网络分段的目标, 类似于最小特权原则, 是最小化妥协的范围和影响.
Include 网络市场细分 in your cybersecurity strategy so that when the intruder starts jiggling the handles to find a way in, 他们只能找到锁着的门.
澳门网赌大全网址澳门赌场网址大全服务
这里是风向标, we wrap security around everything we do because we understand that managing cyber risks is essential to business success and sustainability. We have dedicated cybersecurity experts on our team who stay up to date with evolving threats and tactics so that we can bring business leaders the information they need to make wise decisions about cybersecurity.
澳门网赌大全网址 to explore how managed IT and security services from Bellwether can bring you confidence that you don’t have any gaps when it comes to managing cyber risks and using technology to move your business forward.
