Layered Security: Anti-Malware and HIPS

Likely the one measure you already have in place, anti-malware and host-based intrusion prevention systems (HIPS) are a critical piece of the security puzzle, which includes policies and standards, employee awareness, network intrusion defense and access control, segmentation and system access control.

Layered Security: System access control

Access control is one of the foundational elements of a security system. Making sure that your network is as secure as possible means making sure that only users who need access to your system, have access, and that that access is restricted to the most limited degree possible.

Layered Security: Network Segmentation

Part of being strategic and proactive about your security stance involves network segmentation. Limiting and partitioning network access according to your security and performance requirements ensures that traffic can be more effectively controlled and monitored as it moves between security zones.

Layered Security: Employee Awareness

Once you've developed your IT policies and procedures, you need to get all of your personnel on board. Even the strongest security position will fail without employee awareness. 85% of security breaches originate from either accidental or intentional behaviour on the part of employees, and attacks like ransomware take advantage of user's misplaced trust and/or ignorance.

Layered Security: IT Policies, Standards and Guidelines

Last week we outlined the seven-layer approach to security recommended by Horn IT Solutions. Today, we'll discuss the first layer in more detail. The foundation of any good security approach isn't at the software or hardware level, rather, it is the IT policies and guidelines that govern every decision your organization makes about security position.

Layered Security: Your best defense

Most businesses have taken at least the most basic security measures to protect their information systems. Firewalls, anti-virus programs and spam filters are part of most company information technology profiles, but in an age of malware, ransomware and constant malicious innovation, they aren't enough to completely protect your data.