The concept of Defence in Depth is often ignored across the IT industry. System administrators and security engineers believe that the best way to stop an attacker is either having hardened firewalls, or advanced endpoint protection, or just a Web Application Firewall (WAF). Research has proven that using only one of these security solutions alone would not offer enough protection in an attack. Defence in Depth is the fundamentals of using different layers of protection to secure an asset. Layers of security can range from physical layers (walls, secure doors, cameras), through to the use of cryptography, next-generation firewalls, advanced endpoint protection and IDS/IPS solutions.
The main objectives we want to achieve with the use of Defence in Depth is to deter, detect, delay and respond efficiently to an attack. Deterrence is an effective “tool” to help reduce the risk of an attack against an asset. Organisations often do not realise the importance of a good deterrent, as this will help in reducing risk. Detection will be done through the ingestion of the logs obtained from the different security solutions through a SIEM, providing the organisation with live alerts. Once an intruder is detected, the layered security will help in delaying the attacker from reaching their objectives, giving time to the organisation to respond to the security alerts.
At Diverse Services, we often have discussions with organisations not understanding the concept of Defence in Depth. They believe that a single security solution is enough to protect them from an attacker or data breach. Organisations do not realise that the attacker can even be one of their employees, whether they are malicious or simply from human error. We often advise these organisations to look at securing their whole environment, and not focusing on a single risk factor.
The solutions provided by Diverse Services cover all the aspects of Defence in Depth. We can advise and implement solutions required to secure your organisation as a whole, whilst focusing on the ease of use and maintenance.
Want to know more? Contact us here to speak to one of our security specialists.