Network Security Assignment Help
In this paper, you will define the security strategies of Defense in Depth and Layered Security along with comparing and contrasting the strategies by explaining, at least, two advantages and disadvantages of implementing each security stratey.
GET BENEFITED WITH EXCITED DISCOUNTED OFFERS UNDER NETWORK SECURITY HELP SERVICE OFFERED BY EXPERTSMIND!!
Introduction
Protection of information assets need blend of distinctive security technologies in order to develop several layers of security for addressing multiple security concerns. There are several security layers like firewall control. In this aspect, it is important to analyse security strategies of defense in depth and layered security so that effective measures can be taken. The study deals with security strategies of defense in depth and layered security as well as comparison and contrast of the security strategies.
Security strategies of defense in depth and layered security
Jackson and LaTourrette (2015) stated that defense in depth is considered as military strategies that slows down advance of the attacker until a counter-attack could be performed. On the other hand, counter attacks in the cyber security are considered as current process of making information security system passive. On the contrary, the security defense procedure has been developed at multiple layer in order to thwart intruders. It might be broken by a barrier and may damage the process.
According to Jayanthi (2017), with the strategy of defense in depth, there are multiple layers of security are implemented across the information architecture and extend the personnel procedure and physical security. The idea of more layers will be to breach for every type of defense for stealing digital assets and cause disruption. The core concept of defense in depth in viable.. However, it is required to adopt the technologies along with threats evolved in the process. It remains a major objective for the teams of information security.
On the contrary, protection of information assets needs combination of developing distinctive information security technologies for making several layers of security in order to identify multiple security concerns. There are several security layers involved in the process. However, it is important to address the major security strategies taken for the process. Firewalls control as well as monitoring incoming as well as outgoing network traffic is essential for protecting the infrastructure along with operating system (Vittor et al., 2017). On the other hand, firewalls of the web application can filter content in order to protect any applications that are running over internet. It prevents the attacks produced from security flaws in the internet based applications. In addition, security information and event management systems aggregate accessing data from multiple systems to correlate data and seek the anomalies, which could address the proper applications along with services.
When the Identity and access management sphere, dynamic authentication has a vital role to be played in order to enable appropriate access to the sensitive as well as valuable digital assets and impose an obstacle to the improper and malicious access. IAM gives a significant components to a defense in depth security (Ibrahim et al., 2016). The technologies related to security like anti-malware, anti-virus and anomaly detection are included as the part of defense in depth security. However, personnel policies as well as procedures need to address the needs for security awareness of the members is considered as the major part of security strategy.
Controlling access with the help of dynamic authorization is an attribute based access control. It provides a policy based approach to access control as well as can be utilized at several security layers within the enterprise. Attribute based access control is integrated within distinctive layers of security to give related and dynamic authorization (Rass & Zhu, 2016). The strategy supports process of dynamic authentication procedure as the part of defense in depth strategy. On the contrary, the ease of integration having different tools is a hallmark of dynamic authentication systems. It is significant for two causes (Whitehead et al., 2017). Seamless integration with different IAM as well as security tools like web access management as well as API gateways. These be helpful to ensure that there are any gaps existing in process of security defenses. The use of of industry standards gives a level of interoperability along with vendor independence for the organization. In addition, there are limited customizations required when the industry standards are supported.
Oyler and Saiedian (2016) mentioned that a layered security approach is implemented at any level of information security strategies. The administrator of information security strategy has a significant value for system access from am place and implement layered security approach to the security tool implementation that can assist in enhancing security profile. Layering security is considered as the key protecting customer information in the age of information, organizations failing important backlash from the customers as well as regulatory bodies. Addition of the intelligence, dynamic authentication approach regarding access control of the organization. It can ensure limited access to the information for making safeguard against the future data breaches and jumping the competition.
Comparison and contrast of the strategies
Layered security and defense in depth are considered as different concepts with multiple overlap. An effective layered security strategy is significant to protect the resources of information technology. A defense in depth approach for security can widen the opportunity of providing attention in security as well as encourages flexible policy, which can respond well to the specific condition and ensure that the users are not blindsided by the unexpected threats (Mavroeidakos et al., 2016). The strategic philosophies regarding security is to inform treatment about different person so that overwhelming circumstances for narrowing as well as brittle security strategy like simultaneous attacks through independent threats. It is considered more intensity in the attacks than expected and the threats seem consisting of strayed from the common targets might be waded.
Difference between layered security and defense in depth is important to analyse. Layered security is one of the practices to ensure that there are several implementations placed in order to catch the failing of individual aspect. Whether failure is occurred at one layer, deeper layers are there for catching or slowing down the invasion. It works with providing several parts of protection. On the contrary, security in depth would be closer to the multi-faced strategic plan where the layered security would be considered as the major component of defense. However, it is concerned with immediate intrusion and assume a broader and variable source of defense. For an instance, there is a physical theft and the information can be protected against the forensic recovery of information (Crossler et al., 2017). The other major concerns are considered as threat delay, rapid notification as well as response during attack as well as disaster are occurred. The aspects of the strategy consists of monitoring, altering as well as emergency response. In addition, disaster recovery, criminal activity reporting and forensic analysis are included in it.
While there are several sources, which will mention the terms and use them interchangeably along with the similarities in the basic concept and overlap. It is vital to understand relationship to understand the place and procedure of using the concept. Defense in depth can assume that the attacker will breach security measures of the network (Orojloo & Azgomi, 2017). Hence, monitoring network systems for failed logon attempts can be combined with the procedure of altering and providing ability to the network administrator to take effective measures and immediate circumstances. The efforts fail as well as access to the data forensic that might be collected. On the other hand, defense in depth is scalable for small to very large. It can be deployed through large organizations. There are affordable as well as effective options that are available in the form of service, software as well as hardware. The list of proper security measures for small business might consist of SaaS mail filtering, firewall or UTM, encryption of hardware, remote monitoring as well as controlling, antivirus software, patch management and recovery software for stolen laptop. In addition, there are several concepts analysed as cybercrimes are increasing day by day (Mailloux et al., 2018). Hence, it is required to take effective security measures that would be helpful to mitigate security measures in the processes. Anti-viruses software organizations offer packages including virus scanning, mail scanning as well as spam blocking. Hence, it is important to adopt effective security measures that will be helpful to secure the operations over web.
Conclusion
Defense in depth along with layered security feel like simpler era in perspective of information security. As web servers become the major instrument in order to open up the organizations to outside world. In addition, mobile computing, advanced persistent threats and software defined data centers are considered important for defensing in depth as well as layered security. The study discussed security strategies taken of defense in depth and layered security that will be helpful to understand and apply the strategies effectively.
WE COVER ALL FORMATS AND STYLES UNDER NETWORK SECURITY ASSIGNMENT HELP SERVICE AND PROVIDE WELL FORMATTED DOCUMENT SOLUTION ALONG WITH PROPER REFERENCES AND TEXT CITATIONS!!