Friday, 22 June 2012

Defence in Depth

Defence in depth is a security and information assurance concept in which multiple layers of security controls are placed throughout an IT system. Its intent is to provide redundancy in the event that a security control fails or a vulnerability is exploited. So should a system fail or the bad guy manage to defeat it, there would still be a variety of fallbacks to protect the network. Firewalls for homes are not as popular as they used to be due to the increased use of home routers, which act as a hardware firewall, blocking all inbound connections unless outbound traffic to that destination has preceded them.

Defence in depth measures should not only prevent security breaches but also buy an organisation time to detect and respond to an attack, thereby reducing and mitigating the consequences of an attack.
