You could try that. But I’m unsure how much that would move the needle in this particular case. It’s too easy to slip up when your only defense is a walled garden. And with wireless controllers and load balancers on the list, that’ll be tricky.
But what would likely have helped is a focus on strong controls around identity and access management. Especially in the form of passwordless auth. Would certainly make lateral moves harder.
Do other companies seriously not do this? I would think that is a basic security concept at this point. Then again, I've seen worse security practices at companies.