Depth Security Strategy Paper

865 Words4 Pages

The idea behind defense of depth security strategy came from the military defense where obstacles were deployed to spend the resources of an attacker. In network security, organizations deploy different defensive strategies to reduce the risk of unauthorized access or outside attacks. The well-executed and implemented defense in depth strategy prevents an extensive variety of attacks and produces real-time intrusions alerts to the administrators. The defense in depth strategy also provides differential security against attempts from attackers who decide to exploit real-time environments with different tactics of attack. Defense of depth creates an effective way of validating and prevention of automatic attacks from the public internet against …show more content…

Security policies and procedures, physical activity, perimeter and network security, monitoring and logging of events, host security, session security, application security, and data security and data leakage prevention are the elements associated with defense in depth. Security policies and standards set the benchmark and create best security practices for organizations. Physical security deals with the protection of server room, laptops, and human factors. Perimeter and network security evaluate the attacks and threats to implement inspection of security measures such as a firewall. Monitoring and logging of events monitor signs of possible intrusions from attackers and threats to the system. Host security uses antiviruses to detect host intrusion and implement prevention mechanism. Session security applies encryption and appropriate keys for security. Application security deals with security of users, credit cards, and restriction on rights. Data security and data leakage prevention support encryption implementation to protect private data of organizations (Shamim, Fayyaz, & Balakrishnan, 2014, pp. …show more content…

This helps with environments with defense in depth strategy to expect alarm signal for protection. Defense in depth strategy is so flexible and easily adaptable to new threats by implementing new security measures. This has made it easy for small ordinary firms to larger organizations such as the military to adopt this model of security strategy. The strategy of defense in depth model implement risk analysis of threat and propose control measure to separate important assets and strengthens them to create different obstacles from attackers by creating different levels of authentication to avoid a successful invasion (Shamim, Fayyaz, & Balakrishnan, 2014, p. 23). The advantage of implementing layered security enables higher security by blocking several imminent threats without any gap of opportunity for them to exit. This security actively seeks various attacks and their behaviors to drop them from the site thereby minimizing threats. The second benefit with layered security is the ease of use with deep applications for inspection functions and has default blocking mechanisms to reduce attacks without complex configurations (Brandt,