Hackers want access to any number of things: To your facilities, your network, and to individual devices on that network. More often than not, hackers are looking to gain access to sensitive data.
Whatever it is they want to access, hackers look for the easiest way to access it. Think about a burglar trying to enter a house; if the front door is locked and the back door is locked, but there’s a window wide open, the burglar will have no problem accessing the house.
The point of Defense in Depth (DiD) is to make the proverbial house into something more like a castle, throwing up sturdy lines of defence no matter where a cybercriminal might go. When one line of defence fails, another is right there to catch the criminal.
The Many Layers of Defense in Depth
You can divide the layers of security surrounding your IT infrastructure in any number of ways; for the purposes of DiD, we like to use the following layers:
- Policy and procedure: These are the best practices that mitigate the use of social engineering to access your network. Teaching your staff about common scams like phishing emails, timed password resets, and ensuring that employees know the network risks inherent in remote work all fall into this category.
- Physical infrastructure: Locks, security guards, CCTV, and other physical security measures can prevent cybercriminals from gaining physical access to your premises and using hardware to hack your network.
- Network: Firewalls, gateways, VPNs, and intrusion detection systems (IDS) all fall into this category. Strategies like network segmentation also play an important role in network security.
- Application: Only use applications from trusted third parties. When developing your own applications, be sure to follow secure coding guidelines. Regular vulnerability checks are essential; update all applications regularly. Uninstall unused applications.
- Data: Back up your data regularly. Classify data based on its level of secrecy, and add extra layers of protection to your most sensitive data (consider isolating it on a segmented network). Use encryption and data loss prevention tools.
- Incident Response: Use managed detection and response (MDR) to catch threats as soon as they appear. Make a detailed cyber incident plan to help recover data and bring your business back online as quickly as possible.
By paying attention to each layer of security, it becomes exceedingly difficult for hackers to gain access to any part of your network.
Defense in Depth Vs. Layered Security
Defense in Depth, as we’ve just described it, means looking at each layer of your network and physical infrastructure and employing several security measures at each layer to counter potential cyberattacks.
Surprisingly, it’s still different from layered security.
Layered security is the use of similar, and sometimes redundant, pieces of hardware and software to provide extra protection—like having a padlock, a keypad, and an RFID lock all on one door. To get the most protection, companies will often use Defense in Depth and layered security in conjunction with each other.
For Defense in Depth, Call Constant C
We’re constantly monitoring changes to the cyber threat landscape. We think like hackers, so you don’t have to, and we’ll poke and prod at any possible security holes in your network, then employ security measures to eliminate weak spots.
Interested in how Defense in Depth can help improve your network security? Contact us today.