Thursday, 24 August 2017 17:31

IT Defense In Depth Part 1

Written by
Rate this item
(1 Vote)

In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software.

Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

Here are a few examples:

  • Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • For example, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert into their work or personal computers. 17% fell for it.

For the physical layer, you need to:

  • Keep all computers and devices under the supervision of an employee or locked away at all times.
  • Only let authorized employees use your devices
  • Do not plug in any unknown USB devices.
  • Destroy obsolete hard drives before throwing them out

Next time in Part II, we will talk about the human and network layers of security.

Read 49856 times Last modified on Thursday, 24 August 2017 17:46
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

24395 comments

  • Comment Link Jerri Thursday, 18 October 2018 14:37 posted by Jerri

    I was suggested this blog by way of my cousin. I'm no
    longer sure whether this publish is written by means of him as nobody else understand such particular about my trouble.
    You're wonderful! Thanks!

  • Comment Link Erma Thursday, 18 October 2018 07:24 posted by Erma

    Thanks for sharing your thoughts about security. Regards

  • Comment Link John Deere Technical Manuals Tuesday, 16 October 2018 13:02 posted by John Deere Technical Manuals

    almost everyone in our family have hypertension, this disease is very common among older people,

  • Comment Link John Deere Repair Manuals Tuesday, 16 October 2018 06:53 posted by John Deere Repair Manuals

    Aw, it was a very good post. In concept I have to devote writing like this moreover – taking time and actual effort to make a great article… but what things can I say… I procrastinate alot through no means seem to get something carried out.

  • Comment Link Beaulah Charland model cam Monday, 15 October 2018 12:12 posted by Beaulah Charland model cam

    Perfect! Cool tips over here. It is pretty worth enough for me. From my point of view, if all website owners and bloggers made good content as you did, the web will be much more helpful than ever before. I couldn't refrain from commenting. I 've spent 1 hour trying to find such infos. I will also share it with a couple of friends interested in it. I have just bookmarked this web. Done with the job done, I will watch some free live model cams. Thanks!! Greetings from Norwalk!

  • Comment Link Hermina Otex model cam Monday, 15 October 2018 03:57 posted by Hermina Otex model cam

    Amazing article! Interesting information over this web. It's pretty worth enough for me. Personally, if all web owners and bloggers made good content as you did, the Inet will be a lot more useful than ever before. I could not refrain from commenting. I 've spent some hours trying to find such infos. I'll also share it with my best friends interested in it. I have just bookmarked this website. Right now with the job done, I going to find some free online model Webcams. Thanks!! Greetings from Carlsbad!

  • Comment Link Escorts Hyderabad Sunday, 14 October 2018 03:46 posted by Escorts Hyderabad

    Good Info Buddy. It Helps a lot. Love to see you posts. Our Indian Escorts in Hyderabad are very discrete, honest and professional with client. Our Escort girls offer in call and outcall services in every major area in Hyderabad. Our most trusted Indian Escorts having great intelligence, humour and charm to seduce the clients. They’ll make surely your remain in Hyderabad will become ne'er -to-be-forgot. In become the escort agency Hyderabad-Love insures that everybody is covered discreet, professional and anonymous. Contact Miss Anjali @ http://www.missanjali.com

  • Comment Link check that Sunday, 14 October 2018 02:51 posted by check that

    I just want to tell you that I am just newbie to blogging and certainly loved this web site. Very likely I’m going to bookmark your blog post . You definitely have great articles and reviews. Bless you for sharing your web page.

  • Comment Link check these guys out Sunday, 14 October 2018 02:03 posted by check these guys out

    I simply want to mention I am new to blogging and site-building and absolutely enjoyed this page. Probably I’m going to bookmark your website . You really come with perfect writings. Thanks a bunch for sharing with us your website.

  • Comment Link Taren Thursday, 11 October 2018 07:01 posted by Taren

    I just couldn't depart your web site prior to suggesting that I actually loved the
    standard info an individual supply for your visitors?
    Is going to be again incessantly to check out new posts

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.