Fewer than one in five companies is currently using network segmentation to slow intruders from moving around its network, mainly due to the difficulty of configuring and maintaining firewall rules, according to a survey conducted by network security provider Illumio.
The survey, based on interviews with 300 IT professionals, found that 19% of companies currently use network segmentation to reduce the risk of a data breach, while another 26% are planning a project in the next six months. Yet a whopping 55% of companies are not even considering deploying segmentation in that time frame, according to the survey.
The responses suggest that companies understand the benefits of segmenting their applications and servers, but the difficulty of the project has dissuaded many IT professionals, causing them to put off efforts, says Matt Glenn, vice president of product management for Illumio.
"When we talked to people, they never say that they don't want to do segmentation," he says. "They ask how can they do it and what is the cost."
Network segmentation is one way of dispensing with trust and minimizing the impact that a user could have on the network. A variety of companies have touted the zero-trust model for security, labeling trust as weakness. By limiting access to specific critical assets and data, segmentation is one way of implementing zero-trust security and can harden networks against an intruder's efforts to laterally move after a breach.
Last year, network segmentation appeared on the to-do lists of nine out of 10 companies, firms segmentation despite security benefits
