What is defense in depth?
Defense at depth is a concept in information technology (IT), which includes the use of multiple layers of security to maintain information safety. This does not apply to the use of specific software programs, but it is a methodology of "proven procedures", which can be used as a guide to secure the system. There are three basic components - people, technology and operations - and ensuring all three components creates a strong overlap of security. Defense at depth is based on a military concept in which the distributed layers of defense can be used to slow down the advancing opposition. This means that while the viral scanner can be one effective way to maintain malicious software, it should also be paired with the Firewall gateway, sensitive data should be encrypted and protected by password and users should be instructed in BePractics. The "Defense in depth" practices were introduced by the US National Security Agency (NSA) to protect computer systems from MOZvásnýi attacks.
There are three primary components in creating a defense system at depth, which are people who have access to the system, used technology and operations, or manage this system. People include not only companies who may be authorized to access sensitive data, but also those who may want to attack the company and illegally approach information. Employees should learn proven procedures and a noticeable security presence should be seen to strengthen the importance of people as part of IT security.
The actual technology used in the system is also necessary to create an in -depth access to safety. This means that the software should be reliable and verified by trusted third parties that have tessoftware. Technological Security layers, including encryption, firewall gateway, data monitoring systems, and data monitorProtection of computer terminals. Operations involved in this type of project are also essential, because effective management of people and technology is the only way to ensure that these systems are introduced and properly used.
Defense Inter is designed to better protect information but slow down and detect attacks on a company or agency. This approach acknowledges that the attack is a thing "when" and not "if", and so the system is designed to create a layered defense that slows the attack. Since the attack then lasts longer, other systems can be used to detect it. This allows the company or the agency not only to provide data, but also to identify and act against attackers who are trying to approach this data illegally.