<<Control Measure>> Applications should be grouped into different zones (micro perimeters) based on the risk level and data within the application ()