Defense-in-Depth

Written by: Eric Wolfe, Managed Services Administrator, NET Xperts LLC


Cyber security is a moving target. So what can be done to proactively protect data and systems? Adopting a solid defense-in-depth strategy can help minimize the risk an organization is exposed to. Defense-in-depth involves a layered approach to security mitigation. More specifically, defense-in-depth involves all aspects of the technology infrastructure, including hardware, software, policies, procedures, training, awareness, and accountability. The primary goal is to minimize the probability of a successful attack by establishing multiple barriers of access.

A well-designed defense-in-depth strategy can help identify attempted compromises to an organization's computing environment. If unauthorized access to a system occurs, established defense-in-depth measures help to minimize any adverse impact and provide sufficient time to deploy new or updated countermeasures to prevent future attacks. While there are some obvious strategies to be utilized (for example: installing a firewall to protect the environment from outside entry), there are some basic elements that are generally overlooked. Such items include:

  • Ensure all workstations and servers have anti-virus protection installed. More importantly, make sure policies and procedures are in place to ensure that these systems remain current with definitions, patches, etc. NET X Alert! Managed Services can handle this for you under one of our monthly Managed Services plans.
  • Utilize Windows Firewall (or other similar software) to minimize access to workstations and servers. Turn off any unnecessary services and limit the access to approved services based on user and group profiles.
  • Establish policies and procedures to ensure timely installation of operating system security patches. Hackers tend to exploit systems that have not been patched against known bugs. Handling patches is another great benefit of the NET X Alert! Managed Services programs.
  • Utilize standard switching/routing protocols to limit network access to resources. For example, if you are only utilizing a connection for voice traffic, open just those ports/services necessary for voice communication. All other ports/services should be disabled.
  • Inspect log files. While this can seem like a monumental task, failing to identify potential threats early can lead to disastrous results in the future. Since most companies do not want to handle this on their own, or do not even know what to look for, NET X Alert! Managed Services is now offering the new NET X SIEM! NET X SIEM is an add-on to your Managed Services plan, or can be a stand-alone monthly service, that inspects log files for you and reports back with anomalies that can help protect you from a cyber attack.
  • Password strength and rotation. Strong passwords, changed often, can assist in minimizing unauthorized access to systems.
  • Ongoing employee security awareness training. Each individual has a responsibility to follow established security processes and procedures. Ongoing training helps reinforce the importance of, and adherence to, defined security measures.

While the points above are in no way comprehensive, they do illustrate some areas often ignored. Remember, the goal of a good defense-in-depth strategy is to sway the “effort vs. reward” pendulum so that the effort necessary is not worth the reward obtained. By “locking and monitoring multiple doors” to our infrastructure, we can make it unappealing for the hacker wanting to knock!

NET Xperts LLC and our NET X Alert! Managed Services can help add to your layers of security to protect your business and your vital information. Call us at 412.244.NETX (6389) today to learn more about protecting your network!
