Home » Technologies » IT Security
IT Security - A Layered Approach
In today's internet connected world, any device connected to an internet exposed network is potentially vulnerable to malicious attacks. Your business cannot afford not to take reasonable measures against threats such as spam and phishing emails, viruses, worms, trojans, network intrusions, denial of service attacks, rogue servers, and others. The United States NSA has developed guidelines known as Defense in Depth.
Download the PDF: United States NSA Defense In Depth
Taking the OSI Model into consideration as our multi-layered logical structure, the following layered methodology may be helpful in evaluating the security of your organization's network.
Physical Layers
|
Security is achieved by locking critical network operations centers and using video-based security systems where necessary and by enacting policies and procedures regulating which people and what devices can and connect to networks. Wireless networks need SSID Broadbasts disabled, access lists, and encrypted authentication enabled at a minimum. Biometric scanning or ID badges add yet another layer of access control to your physical structures. |
| Network Layers |
Security is achieved by controlling packets on the network. A professionally configured firewall and/or adaptive security device is your first line of defense from threats posed to your global-public internet ports. LAN security can be achieved by placing critical servers and devices on subnetworks. Devices include: Firewalls, Routers, Switches, Gateways.
|
| Application Layers |
Most exploits come from viruses, trojans, spam and other software-based malicious programming. The following types of software provide defenses: Secure File and Folder Access Control List Standards, Anti-Virus detection, Anti-Spam filters, Proxy Servers and/or Web Traffic Filtering.
|
Learn how To Solution can help your company with IT Security: Contact us today
|
|
