What is Defense in Depth? & How Defense in depth Works

Defense in depth is a security strategy in which security professionals use several protection layers throughout an information system. The strategy uses the military principle that it is more difficult for an enemy to defeat a complex, multi-layered defense system than to penetrate a single barrier. Defense in depth helps to prevent direct attacks against an information system and its data, because a break in one layer only leads the attacker to the next layer. If a hacker gains access to a system, defense in depth minimizes any adverse impact and gives administrators and engineers time to deploy new or updated countermeasures to prevent a repeat of the intrusion.

How Defense in depth Works

A layered approach to security can be applied to all levels of IT systems. From the lone laptop accessing the internet from a coffee shop to the fifty-thousand-user enterprise WAN, defense in depth can considerably improve your security profile.

No organization can ever be fully protected by a single layer of security. Where one door may be closed, others are left wide open, and hackers can find these vulnerabilities very quickly. When you use a series of different defenses together, such as firewalls, malware scanners, intrusion detection systems, encryption and integrity auditing solutions, you effectively close the gaps that are created by relying on a single security solution.

Elements of defense in depth

Security Policies and Procedures

In the first layer of defense, the organization must set up benchmarks, standards and policies. In some scenarios legal rules and best practices serve as the baseline standard. Later these become the actual norm for the organization. Internationally, different standards are recognized for information security, such as the International Organization for Standardization (ISO), the Payment Card Industry (PCI) Data Security Standard (DSS), Control Objectives for Information and Related Technology (COBIT) and many more. Every standard or regulation has a general implementation cycle.

Physical Security

It is not only concerned with securing the doors and posting guards, but also includes security of the server room, laptop and desktop protection, and human factors.

Perimeter and Network Security

Fortification of the network is a core element in securing an IT organization, as shown in Fig. 3 between major network segments. It starts with protecting the architecture against well-known and obvious network attacks. Traffic at the network perimeter should be filtered by stateful inspection firewalls, intrusion detection mechanisms, malware identification and blocking technologies, and filtering of dangerous content. To defend the network perimeter it is necessary to understand what a network might face in terms of attacks and threats. Once properly configured, this layer protects information assets by allowing only those activities that are needed to continue business operations.

Monitoring and Logging of Events

Security architecture remains incomplete without a proper monitoring and logging system. Network and security operations should be continuously monitored for signs of any possible intrusion. Effective alerts and alarms can only be generated with proper implementation of monitoring of security controls. Rather than simply parsing logs from one device to another, a complete deployment of a monitoring system is needed. Administrators must review important logs on a daily basis to detect advanced intrusions or threats to the system.
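
The difference between parsing one device's log and monitoring across layers can be shown with a small correlation rule. This is an added example, not part of the original article: the log format, layer names and event names are assumptions, and the sample lines are constructed. It raises an alert only when the same source triggers suspicious events on at least two defensive layers within a ten-minute window.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): "<time> <layer> <source> <event>"
SAMPLE_LOG = """\
2024-05-01T10:00:05 perimeter 203.0.113.7 fw_deny_port_scan
2024-05-01T10:01:10 host 198.51.100.4 av_signature_update
2024-05-01T10:02:40 host 203.0.113.7 ssh_auth_failure
2024-05-01T10:03:15 application 203.0.113.7 input_validation_reject
2024-05-01T10:20:00 perimeter 192.0.2.9 fw_deny_port_scan
2024-05-01T11:45:00 host 192.0.2.9 ssh_auth_failure
"""

# Event names treated as suspicious here (assumed vocabulary).
SUSPICIOUS = {"fw_deny_port_scan", "ssh_auth_failure", "input_validation_reject"}


def parse(text):
    """Yield (timestamp, layer, source, event); malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3]


def correlate(text, window=timedelta(minutes=10), min_layers=2):
    """Return {source: sorted layers} for sources with suspicious events on
    at least `min_layers` distinct layers inside one sliding `window`."""
    by_source = defaultdict(list)
    for ts, layer, source, event in parse(text):
        if event in SUSPICIOUS:
            by_source[source].append((ts, layer))
    alerts = {}
    for source, events in by_source.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            layers = {lyr for t, lyr in events[i:] if t - start <= window}
            if len(layers) >= min_layers:
                alerts[source] = sorted(layers)
                break
    return alerts
```

Calling `correlate(SAMPLE_LOG)` flags only the source seen at the perimeter, host and application layers in quick succession; the source whose two events are 85 minutes apart stays below the threshold.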

Host Security

Host security is as important as fortification of the network in security architecture. Antivirus, anti-malware, host intrusion detection and prevention mechanisms, host-based firewalls and software hardening should be implemented.

Session Security

It places restrictions on a user within a single session and is important in web security. Cryptographically strong, appropriate keys and session identifiers are the best controls used to implement session security. A complete guideline in this regard is available from OWASP.

Application Security

Security of users, data concerning credit cards, restriction of rights, vulnerability analysis, input validation, backup and restoration, passwords and access control lists (ACLs) are the controls that support implementation of application security.

Information Security

Data leakage prevention based on encryption such as the Triple Data Encryption Standard (DES) should be implemented to protect confidential information of the organization and users, including credit card data.

Defense-in-depth architecture: Layered security

Defense-in-depth security architecture is based on controls that are designed to protect the physical, technical and administrative aspects of your network.

Physical controls – These controls include security measures that prevent physical access to IT systems, such as security guards or locked doors.

Technical controls – Technical controls include security measures that protect network systems or resources using specialized hardware or software, such as a firewall appliance or antivirus program.

Administrative controls – Administrative controls are security measures consisting of policies or procedures directed at an organization’s employees, e.g., instructing users to label sensitive information as “confidential”.

Additionally, the following security layers help protect individual facets of your network:

Access measures – Access measures include authentication controls, biometrics, timed access and VPN.

Workstation defenses – Workstation defense measures include antivirus and anti-spam software.

Data protection – Data protection methods include data at rest encryption, hashing, secure data transmission and encrypted backups.

Perimeter defenses – Network perimeter defenses include firewalls, intrusion detection systems and intrusion prevention systems.

Monitoring and prevention – The monitoring and prevention of network attacks involves logging and auditing network activity, vulnerability scanners, sandboxing and security awareness training.

The Benefits of Defense in Depth

A multi-layered approach can be tailored to different levels of security. Not every asset needs to be completely secure; instead, only the most business-critical assets, such as proprietary and confidential information, can be protected by the most restricted settings.

If one system fails, there are other systems functioning. It is not possible to guarantee the security of any single type of security application; there are always vulnerabilities and exploits. By using multiple systems to mitigate damage, the organization can ensure that even if one (or multiple) systems fail, the system itself is still protected.

There are many niche solutions, and many niche threats. Organizations today often need to maintain multiple cyber security applications, such as antivirus programs, anti-spyware programs, and anti-malware programs. Cyber security involves so many threats today that specialized tools are often necessary.

Disadvantages of Defense in Depth

Defense in depth is often viewed as the castle walls that provide an effective cyber defense for an enterprise. It is commonplace for enterprises today to fashion their security architecture around multiple layers of security by purchasing numerous security tools ranging from firewalls to user behavioral analytics. Enterprises still face breaches and malicious attacks despite using these tools. This raises the question: are more tools needed, or should a completely different approach be considered?

The correct answer is the latter. Defense in depth has fostered a troubling false sense of security: many enterprises have become too dependent on it as their deus ex machina cyber security solution, leaving them vulnerable to brand-new threats. That is because the mass proliferation of disparate enterprise security technology now connected to corporate networks creates silos that are more advantageous to hackers. This has considerably expanded the potential attack surface and created open holes in the castle walls.

Infosavvy provides training on defense in depth, which can be divided into three areas: physical, technical, and administrative. In cyber security training such as Ethical Hacking training, you gain in-depth knowledge of security. Learn CEHv10 training and certification from Infosavvy at its Chennai location, with certificate accreditation by EC-Council.
