Defense in Depth

Abstract

This paper will discuss the various methods in which defense in depth can be implemented in federal government agencies computer networks to protect the confidentiality, integrity and availability of the data. Securing networks has always been on the radar of IT security specialists working to secure network infrastructures. But in recent years with more cyber criminals and terrorist activities that can create threats and breaches of data, it is imperative that defense in depth also referred to as layered security is successfully implemented.

Having a vital risk analysis plan in place that details how you will protect the data in your network by using defense in depth will not only help your organization mitigate and reduce attacks, but also minimize any excessive down time from these attacks. This paper outlines some of the layers of protection that will help to protect your network perimeters such as:

1. Antivirus Software.

2. Anti-spyware Software

3. Whitelist.

4. Firewall.

5. Intrusion Detection System and Intrusion Prevention System.

6. Systems Patch Management Policy.

7. Physical security.

8. Yearly Computer User Training.

9. Disaster recovery.

10. Backup Policy.

Reports have stated that 85% of cyber intrusions would have been mitigated if organizations had implemented at least 4 of the above strategies.

What is Defense in Depth?

Defense in depth is a comprehensive strategy process that will help manage and ensure the protection of the data and assets in a network infrastructure from being fully compromised. Chief Information Officers and Managers of government networks need to understand what the risk are interconnecting their organizations to the World Wide Web. With so many government workers teleworking using remote access, email, the Internet and cloud computing more government networks are now vulnerable to espionage and cyber-attacks. Government CIO’s need to fully research and analyze the current security tools...