Overview: Defense In Depth | ||
Type | ||
Definition | An IT security strategy that uses multiple layers of security controls. | |
Related Concepts |
What is Defense In Depth? John Spacey, updated on
Defense in depth is an IT security strategy that uses multiple layers of security controls. It is often explained with an analogy to a castle with many layers of defense such as moats, walls and finally a castle keep.A basic principle of IT security is that components shouldn't trust each other. That is to say, that each component should assume that other components in an organization or technology stack have been compromised. It is impractical to have every single component in a large system that has no trust in anything. As such, layers are established that don't trust each other. The following are examples of layers used by defense in depth strategies.
ProcessesProceduresUser InterfacesApplicationsData Access LayersPlatformsServersOperating SystemsNetworksDemilitarized zonesData RepositoriesThe following are examples of techniques that may be used at each layer to implement security.Training & situational awarenessAuthentication & authorizationPattern scanning such as anti-virus toolsIntrusion detectionEncryptionPerimeters such as firewallsAudit trailsSandboxes
Information SecurityThis is the complete list of articles we have written about information security.If you enjoyed this page, please consider bookmarking Simplicable.
Security vs Privacy
The relationship between security and privacy.
Hardening
An overview of technology hardening.
Deep Magic
An overview of deep magic, a technology term.
Encryption ExamplesA definition of encryption with examples.Canary Trap
A definition of canary trap with an example.
Honeypot
A definition of honeypot with examples.
Security Through Obscurity
A definition of security through obscurity with an example.
Tokens
A definition of token with examples.
Backdoor
A definition of backdoor with examples.
Types of TechnologyA reasonably comprehensive list of information technologies.
GamificationA list of gamification techniques.Information Technology ProblemsA list of common IT problems.Types Of Cloud
The basic types of cloud computing.
Machine Data
The common types of machine data.
Types Of SoftwareThe common types of software.Proprietary Technology
A definition of proprietary technology with examples.
Systems Design
The common elements of a systems design.
Systems vs Applications
The difference between systems and applications explained.
TrendingThe most popular articles on Simplicable in the past day.New ArticlesRecent posts or updates on Simplicable. Site Map
Business Analysis
Coding Communication Compliance Networking Computing Creativity Cryptography Data Design Design Thinking Governance Information Technology Infrastructure Knowledge Management Management Metrics Organizational Culture Problem Solving Productivity Project Management Quality Risk Management More ...
© 2010-2024 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited. View credits & copyrights or citation information for this page. |