Thursday, July 18, 2019

DEFENSE IN DEPTH

DEFENSE IN DEPTH-



Defense in depth is a strategy common to both military maneuvers and  information security.  In  both senses,   the  basic  concept of  defense in depth is to formulate a multilayered defense that  will  allow  us  to  still  mount a successful defense should one  or more of our  defensive measures fail.  In  Figure 1, we can  see an  example of the  layers we  might want  to  put  in  place  to defend our  assets from a logical  perspective; we would at the  very least  want  defenses at  the  external network, internal  network, host,  application, and  data  levels. Given  well-implemented  defenses at each  layer, we  will  make  it very difficult to successfully penetrate deeply into  our  network and  attack our  assets directly. 

One   important concept to note when planning a defensive strategy using defense in depth is that it is not a magic bullet. No matter how  many layers we put  in  place,  or  how  many defensive measures we  place  at each  layer, we  will not  be  able  to  keep  every attacker out for  an  indefinite period of time,  nor  is this  the  ultimate goal  of  defense in  depth in  an  information  security setting. The  goal  is to  place  enough defensive measures between our  truly  important assets  and  the  attacker so  that we will both notice that  an attack  is in progress and  also  buy  ourselves enough time  to  take  more  active  measures to  prevent the attack from  succeeding.
We can see exactly such a strategy in the theater release of the Batman movie, The  Dark Knight, in  2008. The  production company for  the  movie,  Warner Bros. , spent six months developing a multilayered defensive strategy  to  keep the  movie  from  being pirated and  placed  on  file-sharing networks for  as long as possible. These  measures included a tracking system  to  monitor who   had access to copies of the  movie at any given  time,  shipping the film reels in multiple  parts  separately to  theaters in order to  keep  the  entire movie  from  being stolen in  shipping, monitoring movie  theaters with   night-vision equipment to  watch  for  those   attempting to  record  the  movie in  the  theater, and  other measures. Despite all  the  time   and  resources spent to  prevent piracy  of  the movie,  it was found on  a file-sharing network 38 hours after it was released  . For Warner Bros., this  was  considered a success,  as the  company was  able  to prevent the  movie from  being pirated for  a long enough period that opening weekend sales were not significantly impacted
By -
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • Cyber security
    WarDriving It is a process of tracking Wi-Fi hotspots located at a particular place, while moving with a hand held device or a lapt...
  • What is Number,Integer,Float,Character,String,Boolean?
    (11)What is Number , Integer , Float , Character , String , Boolean? Number  Number is a symbol and mathematical object used for mea...
  • KeePassX
    KeePassX KeePassX is an open source, cross-platform and light weight password management application published under the terms of the ...