The idea behind a layered security model is to protect systems from a broad range of attacks by using multiple strategies to be more effective. This model attempts to address problems with different kinds of hacking or phishing, denial of service attacks and other cyberattacks, as well as worms, viruses, malware and other kinds of more passive or indirect system invasions. While one layer may not have protected the user/network, there are several additional layers to pass through before a problem arises. We promote layered security in the following manner: Human, physical, network, endpoint, and data.
In a work environment we are trained to be trusting and helpful, for this reason hackers will try to trick employees into doing something that will compromise their personal or employer’s security. User education helps the human layer by teaching the employees how to identify scams, spot suspicious email, prevent social engineering tactics, and help provide an insight on how these attacks are delivered.
Physical security prevents unauthorized access to vital network components. Keyed locks, key fobs, or biometrics can be used to prevent outsiders from accessing your company’s hardware. When a malicious person has physical access to the network, they can do whatever they like from wiping data, to injecting a key logger to capture your passwords while they are entered.
Network security starts with your firewall. Besides properly configuring the device during deployment (updating default credentials), commercial next generation firewalls can enable additional services to protect your network. Services like intrusion prevention, antivirus, and web content filtering, and anomaly detection. These systems can locate and block any suspicious inbound and outbound activity on your network, users running applications that violate company policy, and even block known attacks based off their signature and/or behavior.
Endpoint security is becoming more complicated since employee owned devices are being used more for work today, fortunately technology today now allows greater control of company data. While all computers still need the basics like antivirus, web content filtering, and updates applied, additional measures can be taken such as hard drive encryption, application control, and data backups to safeguard the machine. Additionally, mobile devices can be remotely wiped when the device has been lost to safeguard company resources.
Our final layer is data security which includes user identification and access control. Since username and passwords are constantly compromised, additional security measures must be taken to prove the user’s identity. Strategies like multi-factor authentication requires not only the username and password but also an additional form verification like a text message code. Employee access can and should also be considered as internal threats like a disgruntled employee is also a possibility. Without considering data access control, everyone in the company could have the ability of looking at human resource or business financial information.
If you need additional layers implemented or just an evaluation to see how many layers of protection you have, please contact us for a free evaluation.