Technology Infrastructure Resilience (PR.IP)
We will take a look at ways of segmenting your network to promote better isolation of resources while also determining ways of ensuring high availability. This will include physical components such as the power source and temperature of the environment.
PR.IP-01
Flat networks are easy to set up, easy to maintain, and easy to compromise. Why? Because you are not filtering any traffic between two or more endpoints. Once an IT resource is compromised, the adversary can then use that equipment to pivot to other systems within the network.
Several regulatory compliance bodies, including PCI, have mandated that organizations segment their PCI cardholder data environments from the rest of the network. Without proper segmentation, the entire server-based network, not just the systems that hold onto PCI data, is susceptible to PCI requirements.
Best...
