Introduction
Defense in depth is considered as the applying multiple security countermeasures that are coordinated to safeguard the validity of information resources in an organization. This is a concept of computer network protection that contains a series of defense mechanisms that have been designed in case one fails there is another in place to prevent the attack (Byres,2008). For instance, it is not a good idea to rely on biometric verification to provide security because they can be circumvented by a determined attacker. This strategy has been based on the military principle that is considered to be difficult for the enemies to defeat the multi-layered and complexity defense system for penetration of a barrier. Defense in depth is used in minimizing the probability that the malicious hackers will be able to accomplish their mission.
This is a well-designed strategy that can be used in assisting the security personnel and system administrators in identifying people that have attempted to compromise their server, computer, internet service provider and proprietary network (Kuipers et al.,2006). The defense in depth is used in a situation where the hacker can gain access to a system in order to minimize attack and also enables the engineers and administrators time to update and deploy new countermeasures to prevent attack recurrence. Components of defense in depth involve firewalls, hierarchical passwords, antivirus software, biometric verification and anti-spyware programs. Defense in depth has also utilized electronic countermeasures that have involved physical protection of business sites through personnel training.
Vulnerable administrative interface
An authentication control that has failed to the administrative interface cannot enable an anonymous attack on the system fully if it has correctly checked all accesses. In this case, there are the administrative user authorization checks, the gate access to the production management networks and logs. In this case, the defense in depth has been utilized in such a way that the principle of defense in defense can prevent all forms of attack (Stytz,2004). The defense in depth design has been used to guide the selection of controls that have ensured its resilience against any form of attack and can reduce the probability of attack in case of a single point failure in the system of security.
Conclusion
Implementation of defense in depth can be an added security measure. This strategy can add complexity in application and attack about the “simplicity” principle that is often practiced in security designs. This is through the use of multiple security controls that have been placed throughout the information technology. This intends to provide redundancy in the security systems.
References
Byres, E. (2008). Defense in depth. Control Engineering Asia June 2008.
Kuipers, D., & Fabro, M. (2006). Control systems cybersecurity: Defense in depth strategies (No. INL/EXT-06-11478). Idaho National Laboratory (INL).
Stytz, M. R. (2004). Considering defense in depth for software applications. IEEE Security & Privacy, 2(1), 72-75.