Network segmentation has long been one of the most valuable tools for protecting an enterprise’s assets. Flat, unsegmented networks architectures can allow nosey insiders to easily access sensitive information, while also enabling attackers to move laterally, escalate privileges and spread malware. Segmentation breaks the network into more logical segments and introduces new layers of control and the ability to apply tailored policies for each area.
Late last year, we began conversations with the Tuck School of Business at Dartmouth College about their current security concerns. Like many organizations, a portion of their workloads are moving from on-premises to the cloud. One of the big concerns about moving to the cloud is how to secure infrastructure as companies currently do from within the defined perimeter of their internal network. They also needed to provide added security without heavily impacting the end user (students, faculty, and staff) experience. Because these are common concerns for many other organizations, I’d like to share how we helped this customer overcome these security concerns.