Thursday, 24 August 2017 17:31

IT Defense In Depth Part 1

Written by
Rate this item
(1 Vote)

In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software.

Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

Here are a few examples:

  • Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • For example, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert into their work or personal computers. 17% fell for it.

For the physical layer, you need to:

  • Keep all computers and devices under the supervision of an employee or locked away at all times.
  • Only let authorized employees use your devices
  • Do not plug in any unknown USB devices.
  • Destroy obsolete hard drives before throwing them out

Next time in Part II, we will talk about the human and network layers of security.

Read 25419 times Last modified on Thursday, 24 August 2017 17:46
Jordon Darling - CISSP

Jordon is the President/CEO of  HITECH. He is a business minded security professional who has a passion for people and small business.  Some of his certifications include: CISSP, CSSA, MCPS, MCNPS, MS, SA

2486 comments

  • Comment Link pavincia Saturday, 07 September 2019 14:31 posted by pavincia

    nike phantom venom fg all black shoes jordan hats toddler hair dolphins foam hat walmart pittsburgh pirates striped hat site youtube.com 2012 new nfl jerseys cincinnati bengals customized white stitched elite nfl jerseys nike air max 96 mens yellow blue shoes
    pavincia http://www.pavincia.com/

  • Comment Link susanlew Saturday, 07 September 2019 13:04 posted by susanlew

    jordan team 1 ebay los angeles dodgers bling hat xlt new air jordan 17 gs all black shoes adidas predator 18+ womens black and grey nike phantom vision academy df tf yellow blue shoes adidas shoes that look like yeezys
    susanlew http://www.susanlew.com/

  • Comment Link Jacklyn Saturday, 07 September 2019 11:04 posted by Jacklyn

    Thanks for every other informative web site. The place else may I get that type of info written in such an ideal
    means? I've a challenge that I am just now operating on, and
    I've been on the glance out for such info.

  • Comment Link Elise Saturday, 07 September 2019 10:44 posted by Elise

    Hi there colleagues, its fantastic article about cultureand fully defined,
    keep it up all the time.

  • Comment Link Russ Saturday, 07 September 2019 06:29 posted by Russ

    Great post. I used to be checking constantly this blog and I am inspired!

    Extremely helpful information particularly the
    last part :) I handle such information much.
    I was seeking this particular info for a long time. Thank you and good luck.

  • Comment Link Frederick Saturday, 07 September 2019 06:20 posted by Frederick

    Peculiar article, just what I needed.

  • Comment Link viagra usa Saturday, 07 September 2019 06:00 posted by viagra usa

    the effect of sildenafil on sperm viacheapusa.com herbal supplement for sildenafil

  • Comment Link Zack Saturday, 07 September 2019 05:33 posted by Zack

    Pretty portion of content. I simply stumbled upon your website and
    in accession capital to assert that I get actually loved account your weblog posts.
    Any way I'll be subscribing to your augment and even I achievement you get entry
    to consistently quickly.

  • Comment Link Lorena Saturday, 07 September 2019 00:43 posted by Lorena

    It's actually a nice and useful piece of information. I am satisfied that you shared
    this helpful info with us. Please stay us informed like this.
    Thank you for sharing.

  • Comment Link pornoks Friday, 06 September 2019 23:55 posted by pornoks

    thank you admin .

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.