--Originally published at TC2027 – Security – That Class Blog
Okay, so… Have you heard of the famous cake layers? If you haven’t, please check out my last blog. Otherwise, we can continue!
And just so you understand the reference: the anchors go to the ocean floor… Deeply… To the depths…
So, why did I ask you to read about the security layers? Because security in depth is based on the implementation of layers. We already discussed how layers are supposed to function: if you manage to cover all the holes of each layer with the preceding layers, there is no way an attack on your system can succeed. The thing is that achieving that level of perfection is impossible. Instead, security in depth assumes from the start that the layer method can, and eventually will, fail. Layered security only achieves the exhaustion of the threat (a successful defense) or the slowing of it, giving time for other plans of action and countermeasures to be initiated.
Depth defense also assumes that the hack or breach isn’t necessarily of remote origin. This means it considers the possibility of physical theft, threats, access by unauthorized persons, and some other unique events (see van Eck phreaking below).
Usually, taking those possible events into account involves setting up:
- Monitors, alerts and emergency responses
- Authorized personnel activity logs
- Forensic analysis
- Reports on criminal activity
- Disaster recovery
Remember that the objective of depth defense is to gain time. The main objective of each of these newly set up components is to delay the threat, a delay that might not be obtained if we used only technological solutions. The administrator should use the extra time to identify the hack and try to overcome it.
And I guess that is it for now regarding security.
As a mini comment