Defensein depth is the precaution taken by an individual or company toprevent intrusion. It reduces the chances of being attacked bymalicious hackers. A well-structured plan of this sort can alsoassist security personnel and system administrators to detectindividuals trying to compromise computers, Internet ServiceProviders (ISPs), or servers. When a hacker manages to access thesystem, the defense in depth reduces the adverse effects giving theengineers and administrators time to install updates or novelcountermeasures to avoid recurrence. The constituents of defense indepth comprise firewalls, hierarchical passwords, antivirus software,anti-spyware programs, biometric verification, and intrusiondetection. Additionally, physical protection of the organization’ssites is utilized to back up the electronic countermeasures. Apartfrom that, comprehensive training of the personnel enriches thesecurity of crucial information against destruction, theft, orcompromise (Rouse, 2016).
Itis an important facet of physical security. As illustrated above,defense in depth ensures malicious hackers do not access unauthorizedsystems. The personnel involved will be trained to achieve smoothintegration to incorporate the approach within the protection plan.In other words, since the approach is strengthened via physicalsecurity, the people involved ought to be highly trained. In thismodel, an analysis should precede synthesis to comprehend theentirety of the evaluation. Evidently, for security to be effectualin governing access to a safety zone or an asset, there ought to be away of sensing, delaying and reacting to adversary efforts to gainillegal access. The protection plan will ensure interruption andnullification of the adversary before a fruitful zone crossing.Additionally, tags will be provided harmonized with the roles in thecompany. Therefore, security clearance will be granted depending onthe functions.
Asa security manager, the inclusion of secure authentication andadequate training of personnel is to prevent intrusion. In the firstcase, heightening authentication measures would prevent unauthorizedpersonnel from accessing confidential information. Intrusiondetection will also be installed to avoid any criminalities.Therefore, the staff involved will undergo extensive training toensure everything runs smoothly. The major factors to consider beforechoosing a barrier are cost, ease of use, privacy, and security. Thenew barriers have to be cost friendly according to the organization’scapabilities. The ease of operation has to fit all the personnel. Themeasure must also maintain the confidentiality of the involved staff.The security action needs to correlate with the facility’srequirements (Nok, 2016).
Developingthe business continuity plan will follow four critical stages, thatis, business impact assessment, recovery strategies, policydevelopment, and testing. The first step is to ascertain what eachstep entails before concentrating on plan development. The first twostages are involved in determining the gaps between the recoveryneeds. Furthermore, the second phase ensures the appropriate recoverymechanisms are chosen and implemented. The plan development phaseentails developing a framework, organization of the recovery groups,the creation of relocation plans, writing of the company’scontinuity and IT adversity procedures, and document the manualworkarounds. The plan will then be tested before the employees aretrained.
Whenbusiness is hindered, it usually costs a considerable amount ofmoney. It results in lost revenues and extra expenses that lessen theprofits. The four phases of developing a business continuity conceptmust be observed. The recovery strategies must also be developed toensure technology is restored early enough to cater for the businessneeds. The manual workarounds are part of the Information Technology(IT) concepts.
Technologyis advancing at a considerable rate across the globe. Thetechnological depth has also heightened competition among differentorganizations. Though the corporations boast of steady technologicaladvancements, they still face numerous challenges. One core concernis security. Some people utilize their knowledge to accessunauthorized data or even steal from private institutions. In future,the advancements in technology will be greater, but security willstill be a major concern. Economic/Industrial espionage poses a hugethreat. According to the Federal Bureau of Investigation (FBI),industrial espionage is on the rise. The agency realized that therewere many instances of industrial espionage targeting the U.S.organizations. Most of the perpetrators originate from China withlinks to the country’s authorities (Bruer, 2015).
Thecompetitive nature of businesses has increased the desperation amongcompetitors. In that regard, people resort to spying as a means ofstaying competitive. A good example can be drawn from the musicindustry. Many copyright cases have been reported whereby an artistcopies dance moves from other choreography. The same cases have beenreported in the automobile industry. The competitive nature is boundto worsen relations among manufacturers. As the FBI ascertained, theprivate companies are the most affected. Actually, out of the 165private organizations that took part in the FBI survey, half of themcomplained about theft of trade secrets or economic espionage. Theprimary objective of industrial espionage is to limit spending. Inother words, instead of spending high amounts of cash on marketresearch, a company just spies and copies proven methods from fellowcompetitors. Due to the rising global market competition, thebehavior is bound to increase (Bruer, 2015).
Bruer, W. (2015, July 24). FBI sees Chinese involvement amid sharp rise in economic espionage cases. Retrieved from CNN: http://edition.cnn.com/2015/07/24/politics/fbi-economic-espionage/
Nok, N. (2016). Four Barriers to Adopting Strong Authentication. 1-10.
Rouse, M. (2016). Defense in Depth . Retrieved from Teach Target: http://searchsecurity.techtarget.com/definition/defense-in-depth