Compartmentalization Patterns
Architectural patterns for limiting blast radius through isolation of systems, data, and access.
Compartmentalization is the practice of dividing systems, data, and access into isolated segments so that compromise of one segment does not cascade to others. In the Empty Fortress doctrine, compartmentalization controls blast radius: if one room is breached, the fire stays in that room.
Most breaches do not start at the crown jewels. They start at the weakest point — a phishing email, a misconfigured service, an unpatched endpoint — and move laterally until they find something valuable. Compartmentalization reduces the value of dwell time by limiting what an attacker can reach from any given starting point.
Network segmentation divides the network into zones with controlled traffic between them using VLANs, firewall rules, and software-defined networking. Application isolation runs services in containers or separate compute environments with explicit service-to-service authentication. Data segregation stores different data classifications in different systems with different access controls and encryption keys. Credential isolation ensures administrative credentials for one system cannot access another. Environment separation keeps development, staging, and production strictly isolated.
For each system, ask: if this system is fully compromised, what else can the attacker reach? Map the transitive closure of trust relationships. If compromising your email server gives access to your password manager, which gives access to your cloud console, which gives access to production databases — your blast radius is total. Compartmentalization breaks these chains.
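The blast-radius mapping described above, as an added example that is not part of the original article: a small trust graph ("fully compromising A gives access to B") is constructed to mirror the email-to-production chain, each system's transitive closure is computed, and one trust edge is removed to show how breaking a chain shrinks the reachable set. The system names and edges are assumptions for illustration.

```python
from collections import deque

# Constructed sample trust graph: compromise of the key gives access to each value.
# Names and edges are assumptions modelled on the chain in the article.
TRUST = {
    "workstation": {"email"},
    "email": {"password_manager"},
    "password_manager": {"cloud_console"},
    "cloud_console": {"prod_db", "staging"},
    "staging": set(),
    "prod_db": set(),
}


def reachable(graph, start):
    """Transitive closure from `start`: every system an attacker who fully
    controls `start` can reach by following trust edges (excluding itself)."""
    seen = set()
    queue = deque(graph.get(start, ()))
    while queue:
        node = queue.popleft()
        if node in seen:
            continue
        seen.add(node)
        queue.extend(graph.get(node, ()))
    seen.discard(start)  # a cycle back to the start is not "something else"
    return seen


def blast_radius(graph):
    """Map every system to its reachable set, largest blast radius first."""
    nodes = set(graph) | {t for targets in graph.values() for t in targets}
    radius = {n: reachable(graph, n) for n in nodes}
    return dict(sorted(radius.items(), key=lambda kv: (-len(kv[1]), kv[0])))


def without_edge(graph, src, dst):
    """Copy of the graph with one trust relationship broken (e.g. the password
    manager no longer holds a credential that reaches the cloud console)."""
    broken = {k: set(v) for k, v in graph.items()}
    broken.get(src, set()).discard(dst)
    return broken


if __name__ == "__main__":
    for system, reach in blast_radius(TRUST).items():
        print(f"{system:18} can reach {sorted(reach)}")
    fixed = without_edge(TRUST, "password_manager", "cloud_console")
    print("email after breaking the chain:", sorted(reachable(fixed, "email")))
```

Run it against your own inventory of trust relationships; any system whose reachable set contains production data is a chain to break.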
Compartmentalization limits blast radius by preventing lateral movement. Apply it across networks, applications, data, credentials, and environments. Measure your blast radius by mapping transitive trust relationships and break every chain you find.
Written by CDA Editorial