Monday 06 July 2026 15:29:17 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Data segmentation

Separating datasets so that more sensitive records are harder to reach without extra authorization.

Data segmentation is the practice of separating datasets into distinct zones, so that more sensitive records are isolated from less sensitive ones and require extra authorization to access. It is a security control for limiting blast radius: if one account, application, or database view is compromised, the attacker should not automatically gain access to everything.

In cyber security, segmentation supports least privilege, access control, and auditability. It can be implemented with separate databases, row-level permissions, role-based views, network boundaries, or tiered repositories for operational versus sensitive archives. Defenders use it to reduce insider risk, prevent mass exfiltration, and make suspicious access patterns easier to spot. Attackers often try to defeat segmentation by abusing trusted credentials, requesting broader queries, or chaining access across systems until protected data becomes reachable.

← WIKICROOK index