When I was in the U.S. military, I learned about the power of “defense in depth.” This defense strategy, which dates back to the beginning of time, involves employing multiple layers of defense to resist the rapid penetration of attackers. The attackers may overcome one barricade, but they cannot get through them all. At minimum, it slows down the attack to give you time to respond more effectively.
Today, I bring that same layered security strategy to protect IT environments. Through layered defense (as it is often called), organizations combine multiple mitigating security controls to protect their users, data and resources.
While a single-focused security solution can stop specific attacks, it is no longer enough to keep your data and resources safe from the advanced capabilities of modern-day malware. This advanced malware is surprisingly sophisticated – and always changing. Even more concerning is that it is easier than ever for even non-developers to create and distribute malware with toolkits that can be found on the dark web.
Small Businesses Targeted
Small businesses with fewer than 250 employees are actually the prime targets for these attacks because they:
- Often lack adequate security measures;
- Do not have the resources to “fight back” against ransomware, so they pay ransoms at higher rates than larger enterprises;
- Offer entry to larger businesses (remember the hack on Target in 2013, which was actually achieved through the retail giant’s HVAC vendor); and
- Provide a reduced risk to attackers as they are less likely to be investigated.
Creating a Layered Defense
The best strategy against today’s threats is to employ a Defense-in-Depth “Layers” Strategy. This includes deploying multiple, overlapping and mutually supportive defensive systems to guard against single-point failures in any specific technology or protection method.
For example, it is no longer sufficient to have a firewall, or antivirus software on your server or workstation, or a password on your Wi-Fi. You need all three, plus a few additional items.
An effective IT defense strategy starts with knowing where you’re most vulnerable to attacks. Here are the most common attack points (or vectors, as they are sometimes called), according to a 2016 Security Report from McAfee Labs:
- Browser (downloading software infected with malware)
- Brute force to try to crack a password/PIN
- Denial of service (attacker overloads your server with more requests than it can process)
- SSL data intercept
- Open port scan
- DNS (redirecting users to bogus websites)
- Backdoor through software and hardware bugs
- Others (social engineering, compromised devices, advertisements, etc.)
An effective security solution should protect against at least five of these attack points.
Am I Protected Enough?
Marco developed an extensive Layered Security Map that outlines the purpose of each key security solution, the layers of security it provides and the number of common attack points it protects.
For example, Cisco’s Meraki solution, which we offer:
- Provides: Stateful L7 Firewall, Intrusion Prevention & Detection (IPS/IDS), Advanced Malware Protection (AMP), Client VPN Services and Application Visibility Controls.
- Achieves three key security layers: Authentication, malware protection (at the edge) and content filter.
- Result: Protects against six common attack points.
Of course, organizations want all the attack points covered. That’s why they need to use a variety of security solutions. It’s common for even a small to medium business to use several security solutions to effectively implement a defense-in-depth strategy across their IT environment.
Mapping which solutions are right for your organization is an essential task. You don’t have to do it alone. Contact us today to learn more about the Layered Security Map and the solutions needed to effectively protect your organization.