You might have heard the phrase “multi-layered defense” in relation to protecting your computer system from a cyber-attack. A multi-layered defense is, essentially, what the term implies: a defense architecture consisting of multiple layers, from developing policies to monitoring systems, to implementing backup procedures. It is a sensible strategy for protecting assets, physical as well as digital.
For example, consider the protections in place to control access to your safety deposit box. To obtain the contents of your box, you must navigate several layers of security:
- Enter the bank.
- Enter the restricted zone – with an escort.
- Enter the vault area.
- Use your safety deposit box key in conjunction with a second key held by the bank to open the box.
Similarly, you should use a multi-layered defense strategy to protect your computer system. Implementing a firewall and antivirus software are two well-known components of a multi-layered defense. But there are additional components that could make sense for your organization, such as network segmentation, data encryption and two-factor authentication.
Here are a few things you can do to ensure an effective multi-layered defense:
- Check to see that you have a firewall and an antivirus solution in place and confirm that they are working as intended.
- Understand what types of data are stored within your computer system, such as:
- Company financial data
- Personal data (employees, customers & vendors)
- Propriety data (i.e. company trade secrets)
- Public data
- Determine the perceived value of the various types of data stored in your computer system.
- Understand how all of these data types flow into, through and from your computers – that is, where your data comes from, what you do with it, and who you share it with.
- Determine if there are or should be restrictions as to who inside or outside your organization is allowed access to each type of data.
- Check with your IT Department or managed service provider regarding the implementation of additional multi-layered defense components.
- Lastly, conduct regular evaluations to ensure all of these mechanisms continue to operate efficiently.
HBK can help you develop and evaluate a multi-layered defense strategy. For assistance, email me at firstname.lastname@example.org. As always, we are here to answer your questions and discuss your concerns.