The old defenses against cyberattacks–firewalls, antivirus programs and operating system patches–worked well when the security perimeter was the office. Now that remote work is here to stay and more devices are connected to company networks, protecting networks is more complicated. Read on to learn how defense in depth, an integration of individual tools, can help you better protect your technological assets.
The Significance of Defense in Depth
With business operations having altered in the last several years, more endpoints are connected to networks, and the threat surface expands. Not every remote worker may have the most up-to-date antivirus protection, for example. Bad actors could use brute-force attacks, seeking entry into numerous parts of the network. With defense in depth, other controls would keep the criminals from getting very far. This redundancy can give administrators time to enact countermeasures to keep the intruder from penetrating the network deeply
Typically, defense in depth involves three layers of controls–administrative, physical and technical. Administrative controls have to do with the policies and procedures that workers follow; for example, restricting permission to certain portions of the network, and allowing access to the data and applications they need to do their work (least privilege). Another layer involves physical security, and protects data centers and IT systems from threats like data theft. These controls include guards, security cameras and biometrics and/or ID cards. The layers of controls are working at different layers yet are integrated to provide a strong defense against cyberattack.
Getting Started with Defense in Depth
But where to start? CompTIA’s article on the topic makes several suggestions. One is to identify what malicious activity might look like for your business. Analyze data to develop a baseline for what’s normal in order to detect any anomalies when they happen. What are your most critical technological assets, and what do you need to do to protect them? These assets would be the core from which to build other layers of protection. What intrusion detection systems do you have? Are there others you can implement? Once you have your systems in place, it’s time to penetration-test your environment to find any weak spots.
Individual technology tools like firewalls, patches and network monitoring can work even better when they are integrated into a defense-in-depth system. For guidance in getting started, contact your trusted technology advisor today.