Network segmentation must be implemented to isolate sensitive systems and data from general access networks.

Internal networks must be logically and physically separated based on risk levels, business functions, and data sensitivity.

Guest and employee networks must be segmented from production and administrative networks.

Firewall rules must restrict traffic between network segments based on business needs.

Multi-Factor Authentication (MFA) and least privilege principles must be enforced for access to segmented networks.

Network traffic must be monitored for anomalies, with alerts for unauthorized access attempts.

Data flow between network segments must be controlled via approved gateways, proxies, or firewalls.

Remote access to segmented networks must be secured with VPN and encrypted tunnels.

Direct external access to sensitive network segments must be prohibited unless explicitly authorized.

Regular penetration tests and vulnerability assessments must be conducted to validate network segmentation controls.

Network segmentation policies must be reviewed at least annually and updated to address emerging threats.

All systems and applications must comply with Speak AI’s Network Security Policy and Access Management Policy.

Non-compliance with segmentation policies will result in corrective actions, including access revocation or network redesign.

Speak AI Network Security Policy: https://help.speakai.co/en/articles/9363486-network-security-policy

Speak AI Access Management Policy: https://help.speakai.co/en/articles/9363448-access-management-policy

Speak AI Vulnerability Management Policy: https://help.speakai.co/en/articles/9369290-vulnerability-management-policy