On one of the professional forums I subscribe to there was a request for “references” to justify the separation of development and production networks and facilities. It seems some managers “don’t get it
” when it comes to things like change control
and undocumented and unplanned changes. Many guidelines discuss this, but its seems that some key ones like NIST
do not explicitly mandate it, and some managers use this as a reason to not do it.
Some of us security droids find this frightening.
My colleague Miriam Britt managed to sum up the reasons why one should have separation quite sussinctly and forcefully. With her permission I have copied her reasoning here and I hope many people will either reference this or copy it to their own blogs. This kind of straight forward statement needs a wide exposure.
Continue reading Network Segmentation is Common Sense