The importance of a multi-layered approach to IT security

Blog by: Mark Wainwright, Enterprise Security Solutions, Adept4 - 03-Apr-2018

Ensuring your IT is secure is a key responsibility of all companies. Not only is global cyber-crime on the rise, but with data protection set to strengthen in May 2018 with the EU General Data Protection Regulation, it’s now essential that companies do everything they can to protect their systems.

A multi-layered security approach is widely considered to be the best way to prevent attacks from doing irreversible damage to a business. But what is it and why is it so important?

What is multi-layered security?

Simply having a firewall and anti-virus software provide little to no resistance against increasingly sophisticated cyber-attacks.

A multi-layered security approach means having many different levels of security to protect your data and systems—working across different protocols and applications. This means that each level has a backup in case of a breach, while the strengths of the layers taken as a whole help to cover any flaws in individual components.

Another widely used term for multi-layered security is ‘defence in depth’, which implies that the strategy is more concerned with multiple layers slowing an attack until it can be dealt with. However, one of the strengths of a multi-layered approach to network security is that each of the protective layers focuses specifically on protecting an area where attacks could happen, thus making the defence as strong as possible everywhere—which is another reason why it’s better than a single security solution. 

The importance of this approach in a dangerous digital world

According to the Allianz Risk Barometer, the number one concern among UK businesses in 2017 was the threat of cyber incidents (including cyber-crime). And with such high-profile incidents making the news, such as the WannaCry attack on the NHS, it’s easy to see why companies here are so concerned.

Whether we’re talking hackers, data breaches, viruses or organised crime, global cyber-incidents have never been more of a threat. It’s costly too. According to a 2014 report by the Center for Strategic and International Studies, together with MacAfee, the global cost of cyber-crime was suggested to be in the region of $400 billion. We can assume that figure has increased in the years since, plus we’re not even taking into account the damage done to organisational reputation when such crime occurs.

With sophisticated blended (or multi-pronged) cyber-threats now commonplace, only IT security protections designed to counter across multiple fronts have a chance at stopping these types of attack. Which is why multi-layered security is so important.

A4_Website_Security_Bro_Download

The security layers that can be used to protect your business

Most modern business models now consist of operations involving the use of multiple systems, devices and areas of data storage. They could be entirely on site, or in the cloud, or a hybrid of both.

A single solution simply can’t be expected to offer the same high level of protection for everything, from data to the methods of communication and the network itself. Use of multiple layers of security can help target those specific areas under threat, including:

  • The web—ensuring only secure websites are visited by employees and preventing against concealed malware. This also has the added benefit of helping to boost productivity by potentially curbing use of social media platforms (unless they’re needed for work).
  • Emails—the backbone of office communication continues to be plagued by hacker attacks trying to access a company’s data. An email protection layer can help spot threats through spam or even restrict email flow through their service provider.
  • Older software—software that’s not yet been updated to protect against the latest threats can be an easy target for attackers looking to breach the network. Having a patch management security layer in place can help identify and fix these soft target areas by automating the update process.

It’s important to note that anti-virus software, while no longer up to the job of providing the single security solution it once promised, still provides an important layer of protection against viruses, Trojans and other malware. It should continue to be included in any multi-layered security approach.

Multi-layered security is not only important, it’s essential

With the clear and present digital danger to businesses in 2018, it’s imperative that a secure method of IT security is implemented—not only protecting a company’s data, but it’s reputation too. A single solution is no longer good enough. Only a multi-layered approach to security can provide the protection you need against increasingly sophisticated cyber-threats.

Having a headache trying to select the right combination of security layers for your business? Get in touch with us today and we’ll be happy to make sure you’re protected. 

Book your cyber  security assessment

 

Topics: SIEM, Data Protection, SOC, Security

Sign up to our blog