Thursday, 24 August 2017 17:31

IT Defense In Depth Part 1

Written by
Rate this item
(1 Vote)

In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software.

Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

Here are a few examples:

  • Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • For example, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert into their work or personal computers. 17% fell for it.

For the physical layer, you need to:

  • Keep all computers and devices under the supervision of an employee or locked away at all times.
  • Only let authorized employees use your devices
  • Do not plug in any unknown USB devices.
  • Destroy obsolete hard drives before throwing them out

Next time in Part II, we will talk about the human and network layers of security.

Read 6468 times Last modified on Thursday, 24 August 2017 17:46
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

277 comments

  • Comment Link Cheat gta 5 ps3 Saturday, 09 February 2019 15:11 posted by Cheat gta 5 ps3

    An outstanding share! I have just forwarded this onto a co-worker who has been conducting a little homework on this. And he actually bought me lunch due to the fact that I found it for him... lol. So let me reword this.... Thanks for the meal!! But yeah, thanx for spending the time to discuss this matter here on your web page.

  • Comment Link cheat gta 5 ps3 Saturday, 09 February 2019 12:56 posted by cheat gta 5 ps3

    Great goods from you, man. I've understand your stuff previous to and you're just too wonderful. I really like what you have acquired here, certainly like what you're stating and the way in which you say it. You make it enjoyable and you still take care of to keep it wise. I can not wait to read far more from you. This is really a tremendous site.

  • Comment Link Houston DJ Services Friday, 08 February 2019 21:06 posted by Houston DJ Services

    I do not know if it's just me or if everyone else experiencing issues with your site. It seems like some of the text on your content are running off the screen. Can someone else please provide feedback and let me know if this is happening to them too? This could be a problem with my internet browser because I've had this happen before. Appreciate it

  • Comment Link Edwina Friday, 08 February 2019 16:18 posted by Edwina

    I'm really enjoying the theme/design of your website.
    Do you ever run into any internet browser compatibility issues?
    A few of my blog readers have complained about my website not working correctly in Explorer but looks
    great in Safari. Do you have any ideas to help fix this problem?

    sbobet

  • Comment Link Houston Wedding Photographer Friday, 08 February 2019 06:03 posted by Houston Wedding Photographer

    Attractive portion of content. I simply stumbled upon your blog and in accession capital to claim that I acquire actually loved account your weblog posts. Anyway I will be subscribing to your augment or even I fulfillment you get right of entry to consistently fast.

  • Comment Link Link Terbaru QQ188 Wednesday, 06 February 2019 17:35 posted by Link Terbaru QQ188

    Attractive portion of content. I just stumbled upon your site and in accession capital to claim that I acquire in fact enjoyed account your blog posts. Anyway I'll be subscribing to your augment and even I fulfillment you get admission to constantly quickly.

  • Comment Link Situs Judi QQ188 Wednesday, 06 February 2019 15:19 posted by Situs Judi QQ188

    Pretty component of content. I just stumbled upon your site and in accession capital to say that I get in fact enjoyed account your blog posts. Any way I'll be subscribing in your augment or even I fulfillment you get right of entry to consistently quickly.

  • Comment Link Poker online terbaik Sunday, 03 February 2019 03:58 posted by Poker online terbaik

    Attractive section of content. I just stumbled upon your web site and in accession capital to say that I acquire in fact loved account your blog posts. Anyway I will be subscribing in your augment and even I success you get admission to persistently quickly.

  • Comment Link Agen judi poker online Friday, 01 February 2019 23:12 posted by Agen judi poker online

    Attractive component of content. I just stumbled upon your site and in accession capital to assert that I acquire actually enjoyed account your blog posts. Any way I will be subscribing in your augment or even I success you access persistently fast.

  • Comment Link Daftar poker online Friday, 01 February 2019 23:10 posted by Daftar poker online

    you're in reality a just right webmaster. The website loading velocity is amazing. It seems that you're doing any distinctive trick. Also, The contents are masterwork. you've done a great process on this subject!

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.