Thursday, 24 August 2017 17:31

IT Defense In Depth Part 1

In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However, there are many ways to get into a network that circumvent antivirus software.

Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

Even if you had a perfect antivirus program that could detect and stop every single threat, there are many attacks that circumvent antivirus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

There are several layers of vulnerability a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

Here are a few examples:

  • Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • CompTIA left 200 USB devices in front of various public spaces across the country to see if people would pick up a strange device and insert it into their work or personal computers. 17% fell for it.

For the physical layer, you need to:

  • Keep all computers and devices under the supervision of an employee or locked away at all times.
  • Only let authorized employees use your devices.
  • Do not plug in any unknown USB devices.
  • Destroy obsolete hard drives before throwing them out.

Next time in Part II, we will talk about the human and network layers of security.

Last modified on Thursday, 24 August 2017 17:46
Jordon Darling - CISSP

Jordon is the President/CEO of HITECH. He is a business-minded security professional who has a passion for people and small business. Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA
