TOTAL SECURITY IN DEPTH IS PREFERRED OVER LAYERED SECURITY

Layered security describes the practice of combining multiple serious security
controls to protect resources and data. Like all other security methods,
layered security is designed to protect assets (an asset is anything you want
to protect and can include people, property, data, etc.). Layered security can
be used in any environment, from military operations to individuals and
community residents (homeowners, neighborhood watch groups, etc.). In other
words, "layered security is the practice of using many different security
controls at different levels to protect assets. This provides strength and
depth to reduce the effects of a threat. Your goal is to create redundancies
(backups) in case security measures fail, are bypassed, or defeated. Placing
assets in the innermost perimeter will provide layers of security measures at
increasing distances from the protected asset."

Any single defense may be flawed, and the most certain way to find the flaws is
to be compromised by an attack, so a series of different defenses should each
be used to cover the gaps in the others' protective capabilities. Firewalls,
intrusion detection systems, malware scanners, integrity auditing procedures,
and local storage encryption tools can each serve to protect your information
technology resources in ways the others cannot. A common example for home users
is the Norton Internet Security suite, which provides (among other
capabilities):
i. an antivirus application
ii. a firewall application
iii. an anti-spam application
iv. parental controls
v. privacy controls

Security in depth: originally coined in a military context, the term "defense
in depth" refers to an even more comprehensive security strategy than layered
security. In fact, one might say that just as a firewall is only one component
of a layered security strategy, layered security is only one component of a
defense in depth strategy.

Layered security arises from the desire to cover for the failings of each
component by combining components into a single, comprehensive strategy, the
whole of which is greater than the sum of its parts, focused on technology
implementation with an artificial goal of securing the entire system against
threats. Defense in depth, by contrast, arises from a philosophy that there is
no real possibility of achieving total, complete security against threats by
implementing any collection of security solutions. Rather, technological
components of a layered security strategy are regarded as stumbling blocks that
hinder the progress of a threat, slowing and frustrating it until either it
ceases to threaten or some additional resources -- not strictly technological
in nature -- can be brought to bear.

A layered security solution also assumes a singular focus on the origins of
threats, within some general or specific category of attack. For instance,
vertically integrated layered security software solutions are designed to
protect systems that behave within certain common parameters of activity from
threats those activities may attract, such as Norton Internet Security's focus
on protecting desktop systems employed for common purposes by home users from
Internet-borne threats. Defense in depth, on the other hand, assumes a broader
range of possibilities, such as physical theft followed by forensic recovery of
data by unauthorized persons, and incidental threats that result from dangers
that do not specifically target the protected systems. Defense in depth
strategies also include security preparations other than directly protective
ones. They address such concerns as:
- monitoring, alerting, and emergency response
- authorized personnel activity accounting
- disaster recovery
- criminal activity reporting
- forensic analysis

One of the most important factors in a well-planned defense in depth strategy
is taking advantage of threat delay. By ensuring rapid notification and
response when attacks and disasters are underway, and delaying their effects,
damage avoidance or mitigation that cannot be managed by purely technological
measures can be enacted before the full effects of a threat are realized.

For instance, while a honeypot system may not itself indefinitely stop a
malicious security cracker who has gained unauthorized access to a network, it
might facilitate notification of the breach to network security specialists and
delay his progress long enough that the security specialists can identify
and/or eject the intruder before any lasting damage is done.

How security in depth is preferred over layered security

Layered security and defense in depth are two different concepts with a lot of
overlap. A good layered security strategy is extremely important to protecting
your information technology resources. A defense in depth approach to security
widens the scope of your attention to security and encourages flexible policy
that responds well to new conditions, helping ensure you are not blindsided by
unexpected threats.

Each of these strategic philosophies of security should inform your treatment
of the other, so that circumstances that would normally overwhelm a more narrow
and brittle security strategy, such as simultaneous attacks by independent
threats, far greater intensity of attack than expected, and threats that seem
to have strayed from their more common targets, might all be effectively warded
off. Both are worth understanding -- and the first step to that is
understanding how they differ from one another, how they are similar, and the
relationship between them.