With security top of mind and breaches becoming more and more frequent, there are now best practices for safeguarding business data and keeping the business safe from predators. Two terms that are floating around, and are sometimes wrongly used interchangeably, are Layered Security and Defense in Depth. While the two theories overlap, there are differences that need to be addressed, as well as a relationship between them that is key.
Layered Security
Layered security is the practice of putting multiple implementations in place so that the failure of any individual one is caught. If there is a failure or breach at one layer, there are deeper layers to catch or at least slow down the invasion. The layers work together, providing protection that is more than the sum of its parts.
Layered security is just as applicable if you are alone at a coffee shop accessing the internet, running the systems for a small business, or managing a 10-thousand-user enterprise. While the implementation may vary, this approach will improve your security.
One thing to consider is that layered security is NOT implementing the same defense multiple times. True layering is about multiple types of security measures, each protecting against a different attack vector. Layers may focus on safeguarding at the following levels:
- Perimeter Defense
- Network Defense
- Host Defense
- Application Defense
- Data Defense
- Physical Security
Defense in Depth
The term was originally coined in a military context and addresses security measures in greater depth. Security in Depth would be closer to a multifaceted strategic plan, where layered security would be one aspect of defense. Defense in Depth is concerned with more than just the immediate intrusion and also assumes a broader and more variable source of defense. For example, if there was a physical theft, how can information be guarded against a forensic recovery of data? Other concerns include threat delay, rapid notification, and response when attacks and disasters are underway. Some of the aspects of this strategy include:
- Monitoring, alerting and emergency response
- Authorized personnel activity accounting
- Disaster recovery
- Criminal activity reporting
- Forensic analysis
A few sources mention these terms or even mistakenly use them interchangeably. The concepts are similar and they overlap, but there is a distinct difference between them: the broadness of the scope of their concerns. It is more important to understand the relationship between them, in order to know where and how to best utilize these concepts.