Friday, December 6, 2019

Defense in Depth

Question: Discuss Defense in Depth.

Answer:

Introduction

Computer networks and systems in today's world are becoming increasingly prone to various kinds of sophisticated attacks, and this has been recognized as a matter of concern in the information industry. There is a need to create stronger defenses against these attacks, and corporate organizations accept this because these attacks contain multiple exploits (Ahmad and Maynard, 2013). These security organizations are on a constant lookout for countermeasures in order to improve their defensive potential. Defense in depth is a military principle that uses multiple security countermeasures in a coordinated manner to help protect the probity of the information in an organization. It is a strategy that makes it difficult for an enemy to tackle a system, because the system is multi-layered in nature instead of a single barrier (Rocha, Gross and Moorsel, 2013).

Various Components of Defense and their Importance:

The core idea behind defense in depth is to combine various components of technology to build up good security management, which in turn forms many layers of defensive mechanisms for protection against external intrusions. Before forming the component parts of a defensive mechanism, one needs to follow certain procedures, such as setting up a team of experienced security professionals led by a security chief who would be behind the engineering of a defense in depth formula (Wilkinson, Batke, Hall and Jasper, 2011). The policies that clearly define the uses of the corporate computer networks and resources should be well communicated, so that users clearly understand the potential threats to vulnerable information assets. Finally, training is important for the people who would be the first to respond if an incident occurs (Wilkinson, Batke, Hall and Jasper, 2011).
Defense in depth consists of various components, and it is these components that help it to function effectively and smoothly. Each component is interconnected with the others and complements them in such a way that a complete security scenario is created. Going by the broad categories, defense in depth primarily entails the internal network, the perimeter and, most importantly, a human factor (Liu and Cheung, 2012). These in turn consist of many components of their own, without which it would not be possible to secure networks of computers. The components used for defense in depth that are discussed below are primarily:

- Firewalls, which are found in both hardware and software
- Anti-spyware programs for software
- Hierarchical passwords
- Biometric verification in hardware or software
- Intrusion detection systems in both hardware and software

Along with these, there are some other components, which include physical protection and personnel training, both being external in nature. Both these components relate to the people who handle the computers, and they must be well trained to comply with the defense mechanisms (Jajodia, Noel and Kalapa, 2011).

Firewalls: This is a kind of software that is used for protecting personal computers from hacking attacks or malware. It can be accessed easily by the masses and can also be downloaded from any trustworthy security company. Two kinds of firewalls are usually found. The hardware firewall uses a computer like an appliance to run software that helps in blocking unwanted traffic from outside (Mensch and Wilkie, 2011). Furthermore, the firewall appliance can be updated with new rules to prevent threats that are evolving, or direct malware or hacks. If the new rules are updated, this software helps to protect all the machines that are attached to the computer network.
The software firewall makes use of modern techniques such as port filtering, application-level filtering and stateful packet inspection in a combined manner. This software is made a part of the operating system; for example, in the case of Windows it is presented as an application that helps to run a stand-alone computer which helps in guarding the entire network (Chen and Zhao, 2012). The firewall software is capable of detecting new connections that are not present in the set of rules provided, and one can either accept or reject the new connection request on this basis.

Anti-spyware programs: This is a kind of program that is created to detect and defend against any unwanted spyware programs that may be installed on the computer. It may also help in removing these programs if they are already installed. Spyware is a kind of malware that can be installed on the computer without the user even knowing it. Spyware collects information about users without their knowledge (Lavesson, Boldt and Davidsson, 2011). Anti-spyware programs help in monitoring incoming data from emails, from websites or from any files that are downloaded to the computer. This in turn helps to prevent spyware programs from invading the operating system of the computer. Anti-spyware programs can be useful in blocking not only spyware but also viruses (Seybert and Loof, 2010).

Hierarchical passwords: This program is designed in such a manner that a set of passwords is arranged in a hierarchical structure, where a password at a higher level in the hierarchy has greater autonomy in giving permission than the passwords at the lower levels of the hierarchy. This security system is also known as multilevel password protection. It is a special security feature that helps to protect the computer, its network or any database from unauthorized usage.
The passwords, set in linear order, enable users to have control over the host machine at various levels (Main and Johnson, 2010). When the system identifies the entry of a password in the hierarchy, access to all applications in the application group associated with that password is automatically activated. The same process is followed at the lower levels of the password hierarchy as well.

Biometric verification: A technology that helps in identifying a person in any system with the help of distinguishing biological characteristics. This is a foolproof and unique system of identifying any person, and the identifiers generally include signatures, fingerprints, iris and retina patterns, DNA, the geometry of the hands or ear, or even the voice waves of a person (Vacca, 2012). A system that is locked with the help of biometric verification can be accessed only when the same person presents the pattern, be it the fingerprint or any other trait. When the password is set using such biological characteristics, it is stored in the database of the computer, which helps in identifying this analog data afterwards. With the beginning of computerized databases and the digitization of data, personal identification with the help of biometric verification has become almost instant (Horng, Su, Chen, Kao and Chen, 2011).

Intrusion detection (ID): This system is a security management technique that can be used for both networks and computers. Intrusion detection helps to identify security breaches that are possibly present in the network or the computer, which includes both misuse from within the organization itself and external intrusions. It collects data and gathers information about these possible breaches. ID makes use of vulnerability assessment, often called scanning, a technology that is utilized for the assessment of computers and their networks.
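An added example (not from the original post) of the hierarchical password scheme described above: entering a password activates the application group at its level and, as an assumption made here, every lower group as well. The class name, level numbers, application names and passwords are hypothetical, and passwords are kept only as salted scrypt hashes.

```python
import hashlib
import hmac
import os

# Constructed hierarchy: level numbers and application names are assumptions.
APP_GROUPS = {
    1: {"mail", "intranet"},
    2: {"hr-records", "ticketing"},
    3: {"firewall-admin", "backup-restore"},
}

def _derive(password: str, salt: bytes) -> bytes:
    # Memory-hard KDF: a stolen store stays expensive to brute-force.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

class HierarchicalPasswordStore:
    def __init__(self):
        self._records = {}  # level -> (salt, derived key); no plaintext kept

    def match_level(self, password: str) -> int:
        """Highest level whose password matches, or 0 if none does."""
        matched = 0
        # No early exit: every level is checked, so timing does not reveal the level.
        for level, (salt, stored) in self._records.items():
            if hmac.compare_digest(_derive(password, salt), stored):
                matched = max(matched, level)
        return matched

    def enroll(self, level: int, password: str) -> None:
        if level not in APP_GROUPS:
            raise ValueError(f"unknown level {level}")
        # A password shared between levels would silently grant the higher one.
        if self.match_level(password):
            raise ValueError("password already enrolled at a level")
        salt = os.urandom(16)
        self._records[level] = (salt, _derive(password, salt))

    def unlock(self, password: str) -> set:
        """Applications activated: the matched level's group plus all lower groups."""
        level = self.match_level(password)
        return set().union(*(apps for lvl, apps in APP_GROUPS.items() if lvl <= level))

def demo_store() -> HierarchicalPasswordStore:
    store = HierarchicalPasswordStore()
    for level, pw in [(1, "constructed-staff-pw"), (2, "constructed-manager-pw"),
                      (3, "constructed-admin-pw")]:
        store.enroll(level, pw)
    return store
```
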
Potential Risks of these Components:

As already discussed, all the various components together form the defense in depth, and if even one goes missing, it can pose a threat to the security of the organization. If the firewall, be it hardware or software, is missing from the components, the security risk is likely to increase. If the operating system does not have a firewall of its own, it is prone to malware and other external hacking.

Anti-spyware programs are as important as an anti-virus system on the computer; if they are not used, an organization's computers become available to the outside world. This means that the data contained in these computers also becomes vulnerable (Liao, Lin, Lin and Tung, 2013). If they are not installed, the detection of any spyware present on the computer without the knowledge of the user becomes impossible, thus posing a threat to the computer as well as to the identity of the user and the organization.

The hierarchical password, if not designed and included in the security of the organization, leaves the networks and computer systems vulnerable to risks related to password authentication. It makes it easier to capture the network traffic and gain control over the networks. Because the passwords are encrypted, they would have made it almost impossible to obtain them and thus capture the traffic. Furthermore, it is not something that is stored by the clients; thus, if not installed, the network becomes easily accessible.

Because biometric identifiers cannot be easily copied or duplicated, not setting up biometric verification makes it very easy for hackers to access and gain control over data that might be sensitive in nature. This would also increase the risk of identity swapping, undocumented access or even credential replacement in an organization (Vacca, 2012).

Lastly, if intrusion detection is not installed, the malicious entry of any unknown attacks would not be detected by the computer network.
The analysis of the ongoing traffic or any other transaction would not be possible. Also, the distinction between baseline behaviour and ongoing activities would be nearly impossible without intrusion detection.

Conclusion:

Defense in depth seeks to minimize the possibility of vindictive hackers getting hold of vulnerable information. Defense in depth is a mechanism that provides security to the computer network in such a manner that even if one of the defensive mechanisms fails, the other will be in a position to tackle the attack.

References:

Ahmad, A., Maynard, S. B., Park, S. (2014). Information security strategies: towards an organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2), 357-370.

Chen, D., Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.

Horng, S. J., Su, M. Y., Chen, Y. H., Kao, T. W., Chen, R. J., Lai, J. L., Perkasa, C. D. (2011). A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert Systems with Applications, 38(1), 306-313.

Jajodia, S., Noel, S., Kalapa, P., Albanese, M., Williams, J. (2011, November). Cauldron mission-centric cyber situational awareness with defense in depth. In Military Communications Conference, 2011-MILCOM 2011 (pp. 1339-1344). IEEE.

Lavesson, N., Boldt, M., Davidsson, P., Jacobsson, A. (2011). Learning to detect spyware using end user license agreements. Knowledge and Information Systems, 26(2), 285-307.

Liao, H. J., Lin, C. H. R., Lin, Y. C., Tung, K. Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, 36(1), 16-24.

Liu, C., Cheung, L. C. (2012). U.S. Patent No. 8,261,337. Washington, DC: U.S. Patent and Trademark Office.

Main, A., Johnson, H. J. (2010). U.S. Patent No. 7,797,549. Washington, DC: U.S. Patent and Trademark Office.

Mensch, S., Wilkie, L. (2011). Information security activities of college students: An exploratory study. Journal of Management Information and Decision Sciences, 14(2), 91.

Rocha, F., Gross, T., van Moorsel, A. (2013, March). Defense-in-depth against malicious insiders in the cloud. In Cloud Engineering (IC2E), 2013 IEEE International Conference on (pp. 88-97). IEEE.

Seybert, H., Lööf, A. (2010). Internet usage in 2010 - Households and Individuals. Data in focus, 50, 2010.

Vacca, J. R. (2012). Computer and information security handbook. Newnes.

Wilkinson, J., Batke, B. A., Hall, K. H., Jasper, T. J., Kalan, M. D., Vitrano, J. B. (2011). U.S. Patent No. 7,966,659. Washington, DC: U.S. Patent and Trademark Office.
