Segment and Separate

Objective

Segment and separate information based on sensitivity of information.

Key Considerations

  • Develop a target network security design that considers segmentation via network security zones, in alignment with ITSG-22 and ITSG-38.
  • Implement increased levels of protection for devices.

Validation

  • Confirm that SAFER lab devices cannot be connected to ESDC network.
  • Confirm that SAFER lab devices cannot transfer data to and from ESDC network through storage devices.

Applicable Service Models

  • SAFER devices

References

  1. Related security controls: AC‑4, SC‑7, SC‑7(5)