Why and When It Makes Sense to Use Siloed Solutions

Integrating every process into the core IT landscape does not automatically increase efficiency—it increases the attack surface.

In IT, siloed systems are often broadly criticized as inefficient. From an information security perspective, this view is overly simplistic. Particularly in industrial environments, the following applies:

Not every process is a core process—but many processes require external access. Facility management, asset management, maintenance, service, or construction and project management:

• regularly work with external service providers
• require cross-site and cross-company access
• typically do not contain highly sensitive financial, HR, or IP-related data

Tightly integrating these processes into ERP, finance, or HR systems increases:

• the attack surface
• the complexity of authorization models
• the risk of lateral movement in the event of a security breach

A deliberately isolated system architecture offers clear advantages:

• separation based on protection requirements and risk classes
• defined security zones for external access
• controllable interfaces instead of implicit trust
• reduced impact in case of compromise

From a security standpoint, this is not a step backward but an application of defense in depth. The relevant question, therefore, is not whether silos are “good” or “bad,” but where integration makes sense—and where isolation is mandatory.

Good IT architecture does not follow an integration dogma; it follows a rigorous risk and protection requirements analysis.