In the last year, changes forced by COVID have introduced even more vulnerability into computer systems due to the increase in remote work. With cyber attacks, it’s a matter of when, not if. Therefore, many companies are taking a more proactive stance toward protecting technology assets. Read on to learn more about layered security and how to protect your network on multiple fronts.
Multiple Layers of Protection
Layered security can be defined as using multiple strategies to protect a company’s network, instead of one single strategy. This approach takes into account technology, processes and people and how they interact with each other. The National Institute of Standards and Technology (NIST) has established a framework including the following 5 elements; Identify, Protect, Detect, Respond and Recover. These elements provide a structured representation of layered security that has global adoption.
For example, a remote worker seeking to access their company’s system may use a virtual private network to log into their company’s network using an encrypted password along with a secondary form of authentication to access resources based on role and function. Network monitoring can be used to determine who is seeking authentication from which IP address and when to detect a malicious intrusion. Previous training in cybersecurity can keep a worker alert to social engineering (“phishing”) emails, and keep them from clicking on a suspicious link or know how to respond if they feel they have been compromised. In the case of a compromise, local or cloud backup could be used to rapidly recover. In the case where data may be leaked or lost, having an incident response plan helps to inform stakeholders as needed.
Relying on multiple layers of security is your best defense against cyber attack. In a layered security system people, technology and processes combine to keep your computer network safe from intrusion. For help with developing a layered approach to security, contact us today.