You'll often see me write of network protection, endpoint protection, intrusion detection/prevention and social engineering.
While this list isn’t all inclusive, it gives organizations a good start at protecting themselves, their employees and customers in the cyber realm. Keep in mind that no person, place or thing is hack-proof. In fact,most probably already have been hacked.
Some hackers love challenges and hack the newest products. Just like all groups, cyber criminals come with all types of preferences, skills and personality types.
Network protection uses tools, such as firewalls, to keep the bad guys from coming through the front door of the network.
By using a perimeter firewall to stop intruders and an internal firewall to stop any that manage to get through the first, you seriously cut down on the number of hackers able to get through to your data.
Choosing a firewall is complicated and involved. You will need to consider your budget, facilities (both existing and planned), scalability (throughput rates) and features, e.g., Virtual Private Networks (VPNs).
Once you’ve made those decisions, you need to add them to your information security policy — something every organization needs.
A popular term for security is "layered security." As with many terms in IT and other industries, the definition becomes blurred and often misused. Combining different brands to compensate for weaknesses in each is actually redundancy. If you are using two anti-virus products, such as Webroot and Windows Defender, you are employing redundancy. If you are using cable and DSL for connecting to the Internet, that is redundancy.
Layered security means defending against different vectors and types of attacks.
Don’t forget devices such as servers, desktops, laptops, tablets, phones, PBX systems, network attached storage (NAS), storage area networks (SANs), application vulnerabilities, operating systems, programmable logic controllers (PLCs) and all of the specialized devices found in health care, military, manufacturing, etc.
All of these items and more have their own vulnerabilities.
If your business is health care, what devices connect to the Internet or need to be updated? Regardless of your industry or business, basically anything that has or runs on a chip can be attacked.
Think of the Stuxnet virus (2006-12). It has now been in the wild for cybercriminals to modify and sell on the dark web for six years. That collection of viruses attacked PLCs in the nuclear weapons industry. It takes very little imagination to apply it to manufacturing, utilities and a dozen other industries.
Or think of the DYN attack in October 2016. DYN is a provider of dynamic name system (DNS) service that enables the translation of website addresses. Think of the difference between, “I’m going to Joe’s” to “I’m going to 2148 Main Street” and typing in “comcast.net” vs. “126.96.36.199.”
DYN was prevented from operations for the better part of Oct. 21, as was all the businesses that depend on it for DNS services. Imagine your business going down for day because of a similar attack, and you begin to see the reason for learning about layered security.
Don’t just lock the front door with a free version of some anti-virus and tell yourself you are secure. If you have been entrusted with data that affects your clients and employees — and every business has — you owe it to all concerned to lock the windows and backdoor as well.