Join us as we explore ways to grow your business with technologybrought to you by Dell and Microsoft
10 Ways to Implement Multi‐Layered Security
Letha Wicker 16 Nov 2011 9:48 AM
Comments 0
Like
0
How secure is your enterprise? Does your current strategy include true end‐to‐end security? Learn ten ways to better implement a multi‐layered security approach in your organization. Topics covered include: Lost laptops and smartphones, botnets, network security, messaging security, Intrusion Prevention Service (IPS), End Point
Security, and much more.
Any complex business has security holes: lots of them. And in today’s world of always on, ubiquitous computing, universal Internet connectivity, and seamless mobility it’s getting harder to identify the risks, much less closes them. Worse, a fast‐growing, global dark economy centered on disseminating and leveraging exploits is making it more difficult to predict attacks and mount targeted defenses. While classic hacker prizes like your strategic IP or customer credit‐card files are still very much at risk, your business may also be the target of less‐pointed attacks, like email or e‐ commerce denial of service, or random ‘phishing’ aimed at capturing employee or customer personal data. Bottom line: as defender, you must fight to thwart every possible attack. The attacker, however, only needs to locate one weak link to wreak havoc.
A better solution to this dilemma is multi‐layered security: implementing multiple, overlapping security solutions so that your most‐critical assets are buried deep behind several lines of defense. In theory, it’s a solid strategy, but one that large enterprises – even with comparatively great resources and large pools of specialized IT talent ‐‐ have been at pains to deploy
1. Time for an upgrade
It’s doubtful you’d still be in business if you didn’t already have endpoint security (i.e., virus and malware protection), and hadn’t given your less‐ savvy users at least one round of stern talks about “never opening strange emails.” As a next step, upgrading desktop and laptop operating systems
may be the single most effective move you can make to secure your company – not only because an OS upgrade brings online collective security learnings from prior versions, but also because the upgrade process itself tends to simplify and impose rigor: eliminating old, little‐used applications, and giving you a change‐up point for negotiating new security protocols with users.
Windows 7, for example, is at this point increasingly a known quantity, generally more stable than XP, highly compatible with legacy software, and with improved security, encryption, malware removal, automated patch sequencing, and other features built in. But how do you simplify and reduce the workload of transition, not to mention manage the licenses involved? The answer is to implement an automated solution for OS upgrade distribution and management ‐‐ one with appropriate characteristics (e.g., large file storage, session bandwidth, OS‐specific logging, policy management, etc.) to handle this specific task, which has storage, network and computational characteristics quite different from everyday patch issuance and configuration management (see below).
2. Patch Early, Patch Often
While we’re on the subject, getting a handle on OS and application patches lets you keep ahead of exploits while improving product stability and performance. Patch deployment solutions let you evaluate, select, test, aggregate, deploy, log, and audit patch history. So it reduces workload, increases assurance, and provides an important link in the technology due‐diligence chain for regulatory compliance. Because patch deployment is typically more time‐sensitive, but less storage and bandwidth‐intensive than OS upgrades, the architecture supporting these solutions is slightly different. Often, the patch‐management function is augmented by configuration and policy
Related Documents: Ten Ways To Implement Multi-Layered Security
Abstract The purpose of this paper is to become acquainted with the evolution of national incident response over the last twenty years in America; and henceforth, gain a better understanding of the current multi-agency/multi-discipline approach to national disasters and emergencies. This summary briefly reviews the history of federal planning documents over the past twenty years as context for the present day, National Response Framework; and then highlights the…
Graded Assignments STUDENT COPY The following sections contain student copies of the assignments. These must be distributed to students prior to the due dates for the assignments. Online students will have access to these documents in PDF format, which will be available for downloading at any time during the course. Graded Assignment Requirements Assignment Requirements documents provided below must be printed and distributed to students for guidance on completing the assignments and…
RFP-427.04-107-08 STATE GOVERNMENT DEPARTMENT OF FINANCE AND ADMINISTRATION REQUEST FOR PROPOSALS FOR INFORMATION SECURITY ASSESSMENT SERVICES (ISAS) RFP NUMBER: 427.04-107-08 CONTENTS SECTION 1 2 3 4 5 INTRODUCTION RFP SCHEDULE OF EVENTS PROPOSAL REQUIREMENTS GENERAL REQUIREMENTS & CONTRACTING INFORMATION PROPOSAL EVALUATION & CONTRACT AWARD RFP ATTACHMENTS: 6.1 Pro Forma Contract Contract Attachment A: Attestation Re Personnel Used in Contract Performance Contract Attachment B: Memorandum…
CSS330-1404B-01: Database Security Phase 5 IP: Auditing Policies Database Security Project Plan Reginald “Reggie” Lee Colorado Technical University Online Professor Anita Arceneaux December 22, 2014 Figure 1: (Microsoft.com, 2014) Table of Contents Database Security Architecture 3 Differences between a database and a DBMS 3 Types of database designs 4 Network Infrastructure for Database Security 5 Common Security Threats for Database Servers: 6 Additional Security Mechanisms for Protecting…
occur in Germany. Germans prefer smaller shopping experiences at sores like Aldi. * In Chicago there was a successful children’s bookstore * Ppl recommended that they expand to more locations, but they refused. Then they went out of business 10 years later. * In 1962, Decca Records was a successful recording company * Turned down The Beatles because…