Creating a Layered Security Approach

Imagine a typical Seattle weather day (excluding July and August maybe). You’re heading out for a mixed day of fun and errands that may include visiting the local farmers market, taking the dog for a walk, making a trip to a taco truck, and maybe a hike around Discovery Park. You’ll do some walking, some driving and move between indoors and outdoors. How do you dress for this multi-faceted excursion? Layers. The answer is always layers.

The best way to protect yourself from potentially rapid changes in the elements is layers. Any given situation might call for one or another layer to do its thing, since, as we know, just because it’s sunny and warm in Ballard doesn’t mean it’ll be the same by the time you make it to Alki. So, you dress in layers.

When we think about designing IT environments for security, we think in layers, too. The t-shirt/long-sleeve shirt/fleece vest/waterproof shell combination exists in the IT world, at least metaphorically. Disparate systems have their own protection features, but they must be layered upon each other and work harmoniously or they’re simply not as effective as we need them to be.

Are there gaps between your firewall’s deep packet inspection and your desktops’ anti-virus software? Are there exposed attack surfaces because your Active Directory is not syncing to your email protection system? When was the last time you had a penetration test or at least a security audit performed? These are questions that need to be asked and answered.

Between anti-spam, anti-phishing, anti-virus, firewalls, passwords, security groups, network traffic monitoring, multi-factor authentication, and anything else in play, we have many layers of security that we can build into a network’s design to create an environment that’s ready for anything, rain or shine.