fbpx
Question? Call Us 858-777-0040
Logo 01

What is a layered defense?

Layered defense - cake picture
Download the accountant's guide to the safeguards ruleGet your CPA firm aquainted with new FTC rules.

Read our latest eBook "The Accountant's Guide to the FTC Safeguards Rule"

You need secure data. Whether you are using, saving or sending it, the bad guys want to steal (exfiltrate) it or encrypt it and hold it for ransom. Your defenses need to be complex: layered, limiting, diverse, obscure, yet simple.

Layering

One way to protect your data is through building a layered defense. “Technical controls,” like firewalls and intrusion prevention systems, can be configured so that if an attacker gets past one layer, another is there to take over. This is the most comprehensive security paradigm.

But a layered defense is just one paradigm of protection. Defenses are also based on four others.

Limiting

Companies should give users not only access, but the proper level of this access. In addition to this access control, you should also remove orphaned accounts (like that from terminated employees) and administrative permissions that were given to the wrong user.

Diversity

If an attacker breaches one level of security, he should not be able to breach the next with the same technique. This diversity can be achieved by using defense tools from different vendors.

Obscurity

You can obscure your systems against attacks on known vulnerabilities in those systems. For example, administrators can block unused ports. This can for example replace a door with a wall, giving the threat actor less information on your internal systems because a wall is harder to gain access through than a door with a lock.

Simplicity

Systems should be simple to those on the inside of your organization, but complex to those on the outside.  As above, your company users need limited access and you should have administrators block unused ports.

Conclusion

Malicious threat actors can be in your systems right now, waiting for the perfect time to strike. You may even find out that you’ve already been compromised and your data has now shown up for sale on the dark web. You need an expert service provider who creates technical and operational controls with all five of these principles in mind.

***

Tech Kahunas is a San Diego Managed IT Services provider which provides IT support and services like 24/7 monitoring, data backup and restore, and malware protection.

Tech Kahunas will help you Defend Your Island. Set up a free 30-minute Strategy Session with us now.

The four elements of the KahunaVision Technology Assessment are:

– Outsourcing –
Upgrade with our Kahunas. We’ll take your concerns (and problems) so you can do what you do best.

– Modernization –
Throw away that old tech! Take advantage of artificial intelligence, cloud apps, and fortified backups.

– Cybersecurity –
Don’t understand cybersecurity? Strengthen your IT systems with your personal Tech Kahuna.

– Compliance –
Compliance is boring–but many businesses still need to do it! We’ll help you with that, too.

Kahuna Shield will tie it all together.

Get your CPA firm aquainted with new FTC rules.

Read our latest eBook "The Accountant's Guide to the FTC Safeguards Rule"

Leave a comment

Your email address will not be published. Required fields are marked *

Peter Bondaryk
Peter Bondaryk
Facebook
Twitter
LinkedIn
Pinterest

– Outsourcing –
Upgrade with our Kahunas. We’ll take your concerns (and problems) so you can do what you do best.

– Modernization –
Throw away that old tech! Take advantage of artificial intelligence, cloud apps, and fortified backups.

– Cybersecurity –
Don’t understand cybersecurity?Strengthen your IT systems with your personal Tech Kahuna.

– Compliance –
Compliance is boring–but many businesses still need to do it! We’ll help you with that, too.

Wield the Kahuna Shield

Schedule a strategy session

Get Our FREE C-Suite and Business Owner's Guide
to Cybersecurity
csuite-ebook-homesplash
Latest posts
Follow us

Get Our FREE Accountant's Guide to the FTC Safeguards Rule Ebook!

The New FTC Requirements
That Will Change the Way You
Do Business

Get Your FREE Copy!​

Sign up to learn how you can protect against cybercrime

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

If today your business was hacked and you were at risk of losing it all...
Do you have a plan?
We will not spam, rent, or sell your information.

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue