#dataarchitecture

Someone recently asked me about the difference between network segmentation and data segmentation after I mentioned them in a post. Both are important. Sometimes you use one method, sometimes the other, and sometimes both. And then, karma. A perfect example of data segmentation appeared on my screen a day or two later, and now I’ll share it with you.

Here’s an example of data segmentation, possibly without network segmentation. See accompanying picture.

I have multiple websites with the same hosting company. The hosting company is offering me the option of merging all of my websites under one login. That would be convenient, but it’s less secure.

At the data level, a cybercriminal must authenticate on each of the websites separately, with separate 2FA. At the network level, I have no way of knowing if the web hosting company has segmented the infrastructure, and to what degree. For some companies, detailed knowledge of the hosting company’s physical architecture is essential to good security, but for me it doesn’t matter, since I have zero confidential information stored on, or accessible from, the web servers. The worst thing a cybercriminal can do to my websites is defacement or knocking them offline.

THE LESSON
As part of your risk assessment, consider both network segmentation and data segmentation. Everything that can be accessed from the same authentication credentials is in the same data segment. The most common weakness I uncover is in granting a single Administrator account too much access.

#CallMeIfYouNeedMe #FIFONetworks

Drawing attention to just one good quote in the article: “And it also taught many of them the importance of segmenting their networks as much as possible to contain possible damage from malware infection.”

Sadly, there’s still a long ways to go before all organizations understand the importance of not only network segmentation, but also data segmentation.

About a year ago I was at a state government industry forum (I won’t name the state) where they boasted about their ambitious goal of moving everything to the cloud and centralizing all departments’ data. In one of the breakout sessions during the Q&A period, I stood up and asked, “How are you planning to address the security risks you’re creating by total centralization?” The person on the panel who took my question said that one system they could control completely was more secure than ten or twenty systems that might have varying degrees of security. I refrained from telling them that they just admitted they sucked at project management.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #DataArchitecture #DataClassification

linkedin.com/pulse/notpetyas-8

www.linkedin.com: On NotPetya’s 8th anniversary, global industries are still at risk of NotPetya-like attacks. Spring 2017 featured a pair of major enterprise and industrial malware attacks that kept me really busy, and many cybersecurity practitioners even busier. I had just started to get noticed for my cybersecurity news blogging.

10 Mistakes Organizations Make When Modernizing Data Architectures

Modernizing data architectures is essential for organizations seeking to stay competitive. Despite good intentions, many organizations stumble along the way, making costly mistakes that hinder progress & reduce the effectiveness of their data ecosystems.

foxconsulting.co/post/10-mista

Fox 📊 Consulting helps organizations get it right the first time!

ING partnered with Thoughtworks to transform its data management with a data mesh approach, moving from monolithic decentralized data architecture to a Google Cloud platform.

Read the full story here: ter.li/ik3ejv

What is the biggest benefit of implementing a Data Mesh approach?

Thoughtworks: "ING: Data modernization with data mesh". Thoughtworks partnered with ING to implement a data mesh proof of concept (PoC) over Google Cloud Platform, including a consumer aligned data product.