Five steps to an effective layered defence strategy
Analysing weak spots in an IT system can be challenging, which is why a layered approach is important
This article was written by Esther Kezia Thorpe from IT Pro and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to firstname.lastname@example.org.
The concept of layered security is key to a strong and successful defence strategy. The approach uses multiple lines of defence to repel potential attacks and is based on the principle that no single form of protection is enough to stop a determined cybercriminal.
But it’s not just about applying multiple defences. Analysing weak spots in an IT system can be challenging, which is where a layered approach comes in.
Each of these five elements of an effective layered defence strategy works together, forming a mesh of protection around your clients’ systems.
1 - Patch management
A popular technique among cyber attackers is to target software that hasn't yet been updated to protect it from known vulnerabilities. According to Verizon, 99.99% of exploits used in 2014 took advantage of vulnerabilites that had been catalogued in the Common Exposures and Vulnerabilities (CVE) database at least a year prior.
Once a flaw has been detected in a particular piece of software, cyber criminals can easily write scripts to search the internet for devices and systems running versions of the software and target them.
Patch management is a quick win for IT administrators, who can automate the patching of this software using scripting tools, or more sophisticated systems that download, test and administer patches from multiple software vendors.
2 - Antivirus
Antivirus services should be a key part of any MSP’s arsenal. Although it’s not sufficient on its own to stop attacks, it provides a useful line of defence against malicious software that can be used by attackers to gain a foothold in corporate systems.
Antivirus technology has evolved in recent times and now features more advanced capabilities that can help it to detect unknown virus and Trojan software. With so many attacks using malware as an entry point into enterprise networks, antivirus software is not optional – it’s mandatory.
3 - Web protection
According to the Verizon Data Breach Incident Report, 54% of malware infections are due to interactions with the web. Given that many malware strains are delivered via a browser, web protection is another important part of a layered defence strategy.
Like antivirus software, web protection services receive regular updates of domain names and IP addresses associated with malicious behaviour and can be used to block visits from corporate networks.
Web protection services also enable an MSP to offer other added value to clients. It can be used as a detection mechanism to spot suspicious surfing activity that could indicate an attack.
4 - Mail protection
As one of the single most important tools for a business, email is still a significant means of delivery for attackers. Aside from sending links to malicious websites or malware-infected attachments, attackers can increase their chances of success by studying a company and including pertinent details.
Providing email security services to clients enables MSPs to offer their customers some significant advantages. Looking for patterns in large volumes of spam can give the services provider valuable intelligence about the kinds of attacks being directed at customers.
5 - Backup
Effective backup is the final step and the critical service in a layered strategy. Protecting clients from attacks might offer them peace of mind from a security standpoint, but even the best type of protection systems can be successfully compromised. The threat of attack, along with the consequences of physical data loss, makes backup a critical part of any cybersecurity service.
MSPs should ensure they have a tried and tested backup service. Frequent, incremental cloud-based backup services will be easier to test and guarantee for customers, and the lack of physical backup media will reduce the risk of backup data corruption, loss or theft. The technology used in cloud-based backup usually cannot be accessed by ransomware, which makes restoring files much easier in the event of a successful attack.
Cyber security is a key concern for organisations of all sizes. Protecting devices, networks, data and apps is an essential component of doing business. Vodafone provides security products and servicesto businesses of all sizes, helping you secure your business anywhere because we are everywhere. We are trusted by organisations globally, including utilities, financial institutions and government agencies.For more cyber security insights, you can find us on Twitterand LinkedIn.
Subscribe to our blog
Explore the possibilities a Gigabit Society can bring to your business. Receive a monthly digest straight to your inbox.