No single security countermeasure can stop every attack. Effective security requires multiple layers of countermeasures, so that if one layer is bypassed, the attack still has to get through the next layer, the layer after that, and so on. This practice of deploying multiple layers of defense is called defense-in-depth. A prime target on your network is your corporate database. Ideally, this database is housed on your internal network and protected by several independent security measures, because an external attacker can reach it along more than one path. Some of the attack paths and mechanisms include the following:
Protecting against these external attacks falls into the following areas or layers:
Besides external attacks, you also need to worry about insiders who attempt to access unauthorized resources, whether intentionally or accidentally. Protecting against these internal attacks falls into the following areas or layers:
Your corporate security policy has an important role to play in defense-in-depth. It contains the policies, procedures, guidelines, standards, implementation specifications, and requirements that should guide every facet of your security strategy, including which layers are deployed and how each is configured. A typical corporate security policy contains four sections: