fbpx
Question? Call Us 858-777-0040
Tech Kahunas Header Logo

What is a layered defense?

Layered defense - cake picture

You need secure data. Whether you are using, saving or sending it, the bad guys want to steal (exfiltrate) it or encrypt it and hold it for ransom. These malicious threat actors can be in your systems right now, waiting for the perfect time to strike. You may even find out that you’ve already been compromised and your data has now shown up for sale on the dark web.

Layering

One way to protect your data is through building a layered defense. “Technical controls,” like firewalls and intrusion prevention systems, can be configured so that if an attacker gets past one layer, another is there to take over. This is the most comprehensive security paradigm.

But a layered defense is just one paradigm of protection. Defenses are also based on four others.

Limiting

Companies should give users not only access, but the proper level of this access. In addition to this access control, you should also remove orphaned accounts (like that from terminated employees) and administrative permissions that were given to the wrong user.

Diversity

If an attacker breaches one level of security, he should not be able to breach the next with the same technique. This diversity can be achieved by using defense tools from different vendors.

Obscurity

You can obscure your systems against attacks on known vulnerabilities in those systems. For example, administrators can block unused ports. This can for example replace a door with a wall, giving the threat actor less information on your internal systems because a wall is harder to gain access through than a door with a lock.  

Simplicity

Systems should be simple to those on the inside of your organization, but complex to those on the outside.  As above, your company users need limited access and you should have administrators block unused ports.

You need a company who creates technical and operational controls with all five of these principles in mind. Tech Kahunas knows the needs of SMBs and organizations.

We’ll stay on top of the threats.
We’ll watch your data.
We’ll review your risks.

We’ve got years of this.

1 comment

Leave a comment

Your email address will not be published.

Peter Bondyark and J.C. Berry
Peter Bondyark and J.C. Berry
Facebook
Twitter
LinkedIn
Pinterest
Subscribe for security updates.
Latest posts
Follow us
The Road To Cyber Strength Thumbnail
Tech Kahunas FREE EBOOK

Get Your Copy of
The Road to Cyber strength

Download Tech Kahunas’ latest eBook The Road to Cyber Strength. Read about the state of cybersecurity in 2022, the companies that didn’t make it, and where the road can lead you in 2023 and beyond.

What if Today you or your business was hacked and you were at risk of losing it all? Do you have a plan?
We will not spam, rent, or sell your information.

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

Nullam quis risus eget urna mollis ornare vel eu leo. Aenean lacinia bibendum nulla sed 

Join our newsletter and get a 20% discount
Promotion nulla vitae elit libero a pharetra augue