Defence in Depth
Depth of defence
Any level can be breached, so the next layer below can't simply "fall over".
However, not all attacks flow nicely from the perimeter, so don't rely on the "layer above".
- Perimeter: Guarding every access point to your network.
- Network: Blocking all traffic that is not necessary on your network.
- Host: Clearly identifying the purpose and operation of each server, securing each desired service and removing all others.
- Application: Making consistent use of well-known corporate security sub-systems.
- Data: The true asset to the organization; it needs to be recoverable and protected as appropriate per device.
- Physical: Physical attacks or theft can thwart all other defenses.
and a Policy to clearly define it!