It was with great interest that I read a post by fellow IT Peer Network blogger, Chris Peters discussing a layered approach to protection while finding that balance between security and the flow of information. As a matter of fact, the defense-in-depth strategy that the post highlights for a mobile business can be extended to other domains as well – national security for example. “The best approach is defense in depth,” says Steve Lazerowich, a security solution leader within the U.S. Public Sector practice for HP Enterprise Services.
There’s a lot that Enterprise IT can learn from history. Greek philosopher, Eratosthenes for example made Big Data matter 2300 years ago. The term Business Intelligence was used as far back as 1865 by Sir Henry Furnese. Similarly, securing the perimeters of your enterprise is not a new concept either. Monarchs of the past would have outposts with guards on the lookout for adversaries on the prowl with a body of water – usually a moat – delineating their home base; serving as another deterrent with multiple layers of armed warriors guarding the innermost residence of the reigning monarch and family. In concept, layered protection has been around for centuries, and is proving itself to be an effective strategy even today for securing Enterprise IT. Let’s see how.
- Boundary: This is the outer periphery of the enterprise that represents the nation with firewalls and network intrusion prevention systems.
- Network: Intrusion detection systems monitor unauthorized network traffic raising the right security alerts.
- Platform: Platforms need their own end-point protection; including malware protection, data encryption, and white-listing technology. Patterns of incidents at a platform level can be used to identify unwarranted attempts of security violations.
- Applications: Applications, as the weakest link, provide the greatest opportunities to enforce security. Getting back to basics across the Software Development Lifecycle is vital. Are your applications holding the fort in your enterprise?
- Data: This is the pot of gold at the end of the rainbow for adversaries. Data Leak Protection is designed to further protect data by ensuring users can only access and use information needed to perform their specific roles. Data encryption is another layer of defense to prevent
misuse, should it fall into wrong hands.
“Today, there is simply no way to provide 100 percent protection,” says Lazerowich. But that is no excuse to not take proactive measures across all layers of defense.
Even from a network security perspective, it is no wonder that Jennifer Ellard – Director Product Marketing, HP suggests “a layered approach” to stay ahead of today’s evolving threat landscape in the DT2153 session at HP Discover in Barcelona. I am sure Peters and Lazerowich would agree with Ellard’s assertion.
So would I.
How about you? Please let me know your thoughts.
Team up with HP Technology Expert, E.G.Nadhan