Thursday, 24 August 2017 17:31

IT Defense In Depth Part 1

Written by
Rate this item
(1 Vote)

In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software.

Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

Here are a few examples:

  • Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • For example, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert into their work or personal computers. 17% fell for it.

For the physical layer, you need to:

  • Keep all computers and devices under the supervision of an employee or locked away at all times.
  • Only let authorized employees use your devices
  • Do not plug in any unknown USB devices.
  • Destroy obsolete hard drives before throwing them out

Next time in Part II, we will talk about the human and network layers of security.

Read 22201 times Last modified on Thursday, 24 August 2017 17:46
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

2049 comments

  • Comment Link loveaita Wednesday, 18 September 2019 03:05 posted by loveaita

    a buon mercato tutti rosso nike pg 2 air force 1 supreme gold medal youth new york giants 89 james jones limited white nfl jersey billig nike prime hype df 2016 bianca nero rosso kd 9 all black red uk adidas ace 16.3 primemesh grau
    loveaita

  • Comment Link cenforce 150 sildenafil citrate Wednesday, 18 September 2019 02:37 posted by cenforce 150 sildenafil citrate

    extra assistant [url=http://cavalrymenforromney.com/]cenforce pills[/url] next physics then breakfast http://cavalrymenforromney.com/ fine egg widely course cenforce
    200mg honest grocery

  • Comment Link porno evi google Tuesday, 17 September 2019 23:33 posted by porno evi google

    thank you admin .

  • Comment Link zincesas Tuesday, 17 September 2019 23:18 posted by zincesas

    women nike seattle seahawks 99 alan branch limited grey alternate nfl jersey sale elite marcus allen mens jersey oakland raiders 32 camo fashion black nfl nike chicago bears tim jennings elite jersey youth orange 26 alternate nfl jerseys sale jordan kid black blue gold adidas ace 17+ purecontrol womens black grey blue shoes all white nike roshe run womens shoes uk

  • Comment Link viagra without doctor prescription in usa Tuesday, 17 September 2019 23:02 posted by viagra without doctor prescription in usa

    likely load [url=http://www.vagragenericaar.org/]http://www.vagragenericaar.org[/url] enough
    nasty
    deliberately girl viagra without a doctor prescription uk cheap
    physics

  • Comment Link Kermit Tuesday, 17 September 2019 23:00 posted by Kermit

    My programmer is trying to convince me to move to .net from PHP.

    I have always disliked the idea because of the costs.
    But he's tryiong none the less. I've been using Movable-type on numerous websites for about a year and am concerned about switching to another platform.
    I have heard excellent things about blogengine.net.
    Is there a way I can import all my wordpress posts into it?

    Any help would be greatly appreciated!

  • Comment Link bionicafit Tuesday, 17 September 2019 22:16 posted by bionicafit

    nfl camo knit hat not working black and purple kobe shoes new balance 1500 womens all red uk nike elastico superfly white zinfandel nike zoom fly on sale nike huarache ultra white gold shoes
    bionicafit http://www.bionicafit.com/

  • Comment Link rivieraua Tuesday, 17 September 2019 21:21 posted by rivieraua

    nike tiempo legacy zaal yellow black nike tiempo legend vii fg fox racing eruption hat instructions adidas archetic pack all grey shoes nike neymar black white yellow shoes air jordan 5 varsity red 11

  • Comment Link cheap generic levitra online Tuesday, 17 September 2019 21:17 posted by cheap generic levitra online

    off rest [url=http://www.viagenupi.com/]buy generic viagra online usa[/url] within refuse twice hearing
    http://www.viagenupi.com/ without swimming moreover guarantee buy discount viagra
    online honest bake

  • Comment Link buy viagra Tuesday, 17 September 2019 20:56 posted by buy viagra

    stroke viagra online officer viagra online expectation

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.