Layered Security: Think Castle Walls and a Moat Full of Alligators

Smart castle builders in the medieval ages knew the value of layered security and created multiple hurdles to challenge attackers.

Deep moats, often rumored to be filled with alligators, prevented invaders from tunneling under the castle. Towering double walls withstood the hurl of battering rams and catapults. High walk walls were used to sling arrows and other direct attack methods to prevent breaches into the castle’s core.

Today your ‘digital kingdom’ is under attack too.

Ever present cybercriminals are watching web applications, infiltrating operating systems and taking over hardware. They may even be manipulating your employees’ through their e-mail, personal cell phones and tablets.

Cybercriminals know no bounds and they’re more aggressive than ever. News feeds are littered with names of some of the largest, most sophisticated enterprises and high profile government entities that have seen their ‘security walls’ collapse.

Recently, CIA director John Brennan’s personal email was hacked. The New York Times reported that, “The group tricked people into providing information that allowed them to access the victim’s accounts, a technique known as social engineering.”

Layered security offers protection.

Attacks can come from anywhere in your organization. Like a castle, layered security keeps your system’s core and sensitive data surrounded by many protective walls to prevent hostile cybercriminal takeovers.

Layered security in action can look like this scenario:

• A cybercriminal impersonates the CEO and sends an email with an intriguing questions asking you to click ‘like’ or open an attachment.
• Your anti-spam solution detects it and blocks the link or attachment.
• If the anti-spam doesn’t catch it, perhaps the workstation antivirus has a signature match and quarantines the malicious software from executing once the user opens the file.
• What if it’s a Zero-Day attack (no known fix yet available) that slips through the first few layers of defense?

Hopefully you have IPS/IDS or some form of heuristics enabled that can detect the behavior of the software and if it is malicious, quarantine or alert someone for further investigate.

Four defense walls that fend off attacks.  

Layered security requires a ‘whole business’ perspective and goes beyond one single person or the IT department’s job. Most likely you have an infrastructure with many departments, employees, work stations and offices sharing data from one network. While sharing data offers benefits, it can also create potential weaknesses that can be exploited by attackers.

Having layers of defense is critical because malware acts like a quick change artist with the ability to morph its way through your system—causing even greater, more aggressive threats as it moves along. If the aggressors break through one wall, you need to have several more barricades to hold back the invader.

Layered security that helps thwart invaders include:

1. Physical Security – Gates, locks, guards, keycards and other physical devices help keep people at a distance where necessary. (Note that technology has blurred the line between physical and information security systems.)

2. Vigilance on Network Security – Equipping with the appropriate security tools like firewalls, intrusion detection and prevention systems, heuristics and regular updates from threat intelligent sources allow safe information sharing among various offices and within the organization.

3. Computer Hardening – Minimizing software vulnerabilities that allow intruder access.

4. Application Security – Locking down user access with added protections like username/password logins or the lesser known two-factor authentication(2Fa) that requires an extra step beyond username/password like your finger or a pin number sent to your smart phone.

Managed Security Service Provider (MSSP) fills the gaps.

While you may have some layers in place, gaps in security can come from any number of places including endpoint devices, web apps, networks and within your organization. Outsourcing with a Managed Security Service Provider can fill the gaps by providing:

• Security experts with the background and resources to build layers of protective walls against current and changing threats.
• Increased data security including implementing and configuring firewalls, installing operating system security patches and anti-malware software, employee training to help them spot phishing attempts, and monitoring logs.
• Incident preparation. No security measures can provide 100% protection against a breach. Critical to recovery is planning ahead. An MSSP will develop a response plan and how to react if a breach occurs.
• Backup and recovery processes in place to prevent hacker malware corrupted files—or ransomware denial of access to files and work related data loss caused by employee errors and hardware failures.

No business is too small to attract hacker attention. Cybercriminals don’t deserve your money or the opportunity to waste your time dealing with the consequences of their corruption. An MSSP can be your 24/7 line of defense. They can be your “castle double wall and moat full of alligators” so you can do what you do best—focus on your core business.