Network & Environment
Networks should be built in a way that assumes compromise and limits the damage an adversary causes through lateral movement. This is accomplished by controlling, isolating, and segmenting all network components, both physical (hardware) and logical (software), using specific policies and applying advanced access controls.
Network segmentation (Micro and Macro) divides a network into smaller, separate pieces called sub-networks, allowing IT personnel to compartmentalize them and provide separate security controls and services to each of them independently.
Reduce cryptographic risk by analyzing encryption for all client-server sessions on your network to identify weak and insecure connections. Deploy quantum ready key mixing technology to protect encryption keys and data-in transit from man-in-the-middle attacks.
Reduce the risk of lateral movement in the event of breach by separating functional groups and departments into different networks with their own data. Improve performance and resilience by creating redundancy in the event of an outage. Granularly control network access and security policies.
Data Flow Mapping
Comply with regulations such as Department of Defense Manual 5200 (DoDM 5200) and General Data Protection Regulation (GDPR) to understand the flow of information within your network including creation, dissemination, derivative classifications and safeguarding. Handing classified data? Track where classified or controlled unclassified information (CUI) information is sent and ultimately declassification instructions.