In a time when new cyber risks emerge by the minute, a single line of defence no longer offers enough protection. Smart businesses need to look at a layered security approach. What this means is multiple levels or types of security protection to add that extra level, in case a hacker or virus breaks through the first layer.
It is a strategy you already use in your day to day life, although you may not even realise it. At your home, you most likely have security screens, then a wooden door with a deadbolt, then an alarm system, and you may even have your own CCTV system. You will likewise draw from multiple tools to build your layered defence approach – along with expertise that ensures it all integrates into a powerful defence.
Layered security is about prevention, detection, and response.
It addresses the entire range of hazards, from hacking and phishing, denial of service and other cyberattacks, to worms, viruses, malware and indirect system invasions.
Just as home invaders are thorough in their search for valuable items, cyber-attackers look everywhere. They snoop in operating systems, interfere with web applications, and pry into the darkest depths of your hardware. In particular, these unwelcome guests take advantage of conventional endpoints and mobile devices, which often act inadvertently as a welcome mat that allows them past network security.
We shouldn’t forget about the human element here either. People operating endpoint devices are vulnerable to the increasingly persuasive tactics of the cyber-criminal. While they may be wise to the poorly worded scam message full of spelling mistakes and dubious grammar, online crime is now big business, with resources to match.
Clearly, user education is one layer that should not be forgotten, and employees should be regularly trained. The easier you can make it for users to comply, of course, the more likely they are to do so. Encouragement is key; by publicly applauding users with sense to inform you of suspicious emails or websites, you create a culture that is supportive of security measures.
In order to mount a viable defence, it is essential to understand a little about attackers. Most attacks start with a phishing attack against a user. When the user falls prey to phishing, or even visits a seemingly innocuous site, the endpoint can become infected. These initial infections are used as entry points to dig deeper into the business, in search of valuable data.
What are they looking for?
Admin passwords are gold to cyber-attackers, with financial information and customer databases among other prized targets. Attackers may also use compromised computers for other illicit activities, such as DDoS and phishing relays. They are usually opportunists like home invaders – if something has a value, they will help themselves and sell it on.
Layered security is designed to slow the attacker’s progress, detecting them before they can do serious damage. Sometimes this will be enough to make the attacker seek a softer target. Some do have built-in contingencies that look for other vulnerabilities if they don’t get lucky on the first approach. A determined attacker may eventually navigate through the layers of security, so monitoring and reporting are important elements of the layered approach.
The idea of layered security is simple – a determined attacker may get around a single defence, but will find it harder to navigate multiple layers before detection and removal. Options like firewalls, intrusion detection systems, malware scanners, integrity auditing procedures, and storage encryption tools are all useful, but none of these should be expected to tackle the problem alone.
No matter who you are, or what business you’re in, there is always someone who seeks advantage by attacking your systems. Want to know more about layered security? Call our experts for a chat about your own challenges.