Layer your security one layer of security simply isnt

This preview shows page 4 - 7 out of 9 pages.

Layer your securityOne layer of security simply isn’t enough to prevent a breach in security.Nowadays,layered security is a must.“Jason Brvenik, principal engineer in the Cisco SecurityBusiness Group, said that he's seen organizations with as many as 80 different securitytechnologies applied in layers” (Korolov).So what does a layered security system look like?The figure below shows one example of a layered security model (Moraetes, 2014).Thereare 5 levels representing different layers of security and what they are composed of:perimeter, network, host, application, and data.1MINN. STAT. § 325E.64 (2015)
The perimeter is the outermost level of defense or the first line of defense.Thislayer should contain firewalls at the very least, as they help stop attackers before they canbreach your network and gain access to your critical information.The next level is the network level, which contains a local area network (LAN) or awide area network (WAN).“Most networks today are fairly open behind the perimeter;once inside, you can travel across the network unimpeded. This is especially true for mostsmall- to medium-size organizations, which makes them tempting targets for hackers andother malicious individuals” (Moraetes).Users who access the network should have toauthenticate themselves.There are also tools identified in the all five levels which can be used to provideprotection at each level.VA tools can be used at the three inner levels.VA Tools scandevices on a network for flaws and vulnerabilities that could be exploited.“VA systemstypically maintain a database of rules that identify known vulnerabilities for a range ofnetwork devices and applications. During a network scan, the VA tool tests eachdevice/application by applying the appropriate rules” (Moraetes). The VA tool then createsa list of vulnerabilities that were discovered that can be remedied.The application level is the fourth level of the layered security model and it can bequite vulnerable, as the application developers don’t always have security on their mindswhen writing application source code.There are some basic things you can do at this levelhowever than can provide a lot of bang for your buck.Adding “extra layers of security tothe website and applications such as contact forms, login boxes and search queries….willensure that your ecommerce environment is protected from application-level attacks likeSQL (Structured Query Language) injections and cross-site scripting (XSS)” (Moraetes).
Hopefully these security measures are enough that a hacker won’t get past the applicationlevel.At the tip of the layered security model is data.The goal of the model is for ahacker to never reach this level, but if they do, the data there had better be encrypted.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 9 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
Diez,C

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture