Standard (I've mainly worked with IT in financial companies).
But usually implemented not as a physically separate network, but an extremely locked-down one. No USB activated ports (data, mice are OK), instant reporting of unexpected devices, white-listed website access (if lucky) and often no email privileges to email out of the organization. This gets relaxed (apart from USB access) with seniority. I know companies where mobile phones have to be left in lockers on entering/leaving the building, and paper free environments meaning no one unless a bit senior has printing rights.
Does this make a difference? Against a malignant party, no. Against careless staff member, yes. Against a lucky/fluky outside actor (in the story link), yes.
But usually implemented not as a physically separate network, but an extremely locked-down one. No USB activated ports (data, mice are OK), instant reporting of unexpected devices, white-listed website access (if lucky) and often no email privileges to email out of the organization. This gets relaxed (apart from USB access) with seniority. I know companies where mobile phones have to be left in lockers on entering/leaving the building, and paper free environments meaning no one unless a bit senior has printing rights.
Does this make a difference? Against a malignant party, no. Against careless staff member, yes. Against a lucky/fluky outside actor (in the story link), yes.