Segregation of network access related to offered cloud services

Critical
High
Normal
Low

Network segregation is used to divide networks into smaller parts (called subnetworks or segments). The main purpose is to achieve least privilege principles by limiting the access e.g. a user or any particular device can have.

When offering cloud services, the organisation should implement network access segregation to:

  • Strongly separate tenants in multi-tenant environments
  • Strongly separate provider’s own internal administration environment and customers cloud computing environment

Organisation should be able to help the customer to verify the segregation implementation.

Connected other frameworks and requirements:
PR.AC-5: Network integrity
NIST CSF
13.1.3: Segregation in networks
ISO 27017
No items found.