A network segmentation review can be broken into three phases:
- Data Discovery
- Data Classification
- Recommend Changes
Data Discovery is the process to determine the threat, affected resources, and any impact of a potential data leakage, interception, and / or theft. Data Discovery depends on the ability to determine the scope of the engagement by identifying data and classify the processes around the data, escalation procedures, resources involved, the risk, impact, and prioritization to the organization. During this initial phase, SecureState brings experts in the related subject matter, such as consultants who specialize in defending, attacking, audit, and compliance.
Data Classification is the process of categorizing all the data, and / or the assets associated to the data, based on nominal values according to its sensitivity. An example is data that is classified as public, internal, confidential, highly confidential, restricted, regulatory data, or top secret.
Assets associated with the data are classified respective of the risk to unauthorized disclosure, modification, or access. High risk data, typically classified “Confidential”, requires a greater level of protection, while lower risk data, classified as “internal” requires proportionately less protections.
In order to begin the Data Classification, SecureState conducts interviews with the organizations staff, such as the IT staff, to get an understanding of the current data flow through the organization’s network infrastructure. Once the mapping of the data flows is completed, SecureState reviews all the existing controls which are applicable to the segmentation of the data in question, and then provides recommendations. Recommendations and / or modifications to existing controls to increase the effectiveness while taking into account any new controls that should be configured as a means to help lower the probability of the data exposure.