Technology Blog »

Secure your Network with a Defense In-Depth Cybersecurity Strategy

Defense in-depth approach to IT Security
posted by Richard Delaney, CTO

May 26, 2019

As information technology systems get more complicated, computer Malware also gets more aggressive.  With what is now a constant onSLAught of Spear PHIshing, Credential Jacking, Ransomware, and other email attacks that can easily overwhelm a user's ability to spot, your Antivirus Software is often ineffective against attacks like these. In most cases, firewalls are just like a lock on a screen door against a burglar in the night.

Similar to the layers of a police officer's bulletproof vest, which utilizes multiple layers of Kevlar fabric to stop a bullet from penetrating his body, you need to weave multiple layers into your business' cybersecurity strategy.

The Use of a Defense In-Depth Cybersecurity Strategy Assures Network Security by Working based on the Following Principles:

Defenses in Multiple Places:

The use of coordinated, organized multiple security countermeasures to keep your network safe is based on the military principle that a multi-layered and complex defense is more difficult to defeat than a single-barrier protection system. Many viruses can attack the network system from multiple points means that you need to deploy robust defense mechanisms at various locations that can endure all types of attacks.

By deploying a more modern security appliance at your network's edge that incorporates intrusion prevention and detection (IPS/IDS) as well as Geo-based firewall ruleset that can endure active network attacks and can deny traffic from bad networks such as but China and Russia, you will quickly reduce the attacks on your network.

Multiple Layered Defense:

Defense in depth goes beyond just having a physical security system. It is an extremely effective countermeasure strategy because it deploys multiple layered defense mechanisms between the attacker and its targetexamples of defense in-depth security strategies. Each layer of the defense has its unique mechanisms to withstand the virus attacks. Furthermore, it would be best to make sure that each layer has both detective and protective measures to ensure the network's security.

The reason for wrapping the network with multiple layers of defense is that a single protection line may be flawed. And the surest way to protect your system from any attacks is to deploy a series of different defenses to cover the weaknesses inherent in each of the individual defenses. Malware scanners, firewalls, intrusion detection systems, biometric verification, and local storage encryption tools can individually serve to protect your IT resources in a way others cannot. If you’re looking to give your computer systems better protection against the harmful elements that the internet can bring, then give us a call, and we’ll have one of our cybersecurity professionals speak to you about what we can do to defend your business.

Education and Cybersecurity Awareness Training of Common Internet Threats

The most important and what should be your first layer of defense should be your users' education.  DCS offers cybersecurity awareness training for employees to learn how to spot and identify common threats and internet-based phishing scams.  The email threat vector is the weakest in a lot of cases and, most likely, your most likely point of entry for a virus next to web surfing.  Your employees need to learn how not to compromise computer systems' integrity with potentially unhealthy computer practices. As much as possible, teach them the dos and don’ts of using the computer, as well as how they can prevent viruses and other computer malware from coming in and destroying your system.

Get Away from the Break/Fix Approach to Managing  your Company's Technology - Use a Managed Service Provider

Using an "IT Guy" to maintain your computer network is outdated and can cause more problems they then solve.  Typically something has to break or stop working before your IT guy knows about it and you receive service, resulting in an inevitable reduction in IT system performance. At the same time, you wait for the problem to be fixed.

If you fall behind in keeping up with important tasks like backups, patches, and security updates, the odds greatly increase that you’ll face an IT outage or another problem very quickly, which often leads to substantial productivity and revenue losses, which small business owners don't often take into account. 

The most noticeable benefit of using a Managed Services Provider is since they use tools to monitor and maintain your network, they can often discover and fix problems before they can negatively affect your business. Still, they also do the hard, tedious. Boring work of keeping up with network monitoring, patch management, and desktop optimization performed regularly, which are all essential parts of the Defense In-Depth security model. Besides, the likelihood that your friendly neighborhood MSP has great techniques that your current IT guy may not know how to access.

If you would like to know more about DCS can do to employ a Defense In-Depth security model, contact us, and we will be more than happy to help you.