Defense in depth
Defense in depth in technology is making use of available technologies to implement security. It is opposed to investing in every new technology that is found in the market. Technology is dynamic and therefore will require reinvesting every now and then. For this reason, it has been said that technologies that are used for security should be renewed and re-implemented every day. With defense in depth, this is not the case. With this strategy, emphasis is placed on understanding the technologies that are already in place to counter attacks. This is a good strategy especially when it comes to costs. This will mean that the cost of spending in technologies will be reduced. Security will be achieved in the end.
Another advantage of this is that the various attack mechanism that are practiced by attackers will be mitigated. In today’s information systems and networks, many attackers will employ the various attack mechanisms to the perceived network. In implementing a defense in depth approach, the various mechanisms used in protection are better placed to mitigate the attacks. In this case, various mechanisms are put in place. It is not the case where new advanced technologies are implemented. Unlike this, the technologies that have been used initially in defense are implemented and worked on.
There are disadvantages that come with this strategy. One of them is that there are new attacks that are sophisticated than the techniques which have been put in place. In these cases, there is need to have advanced defense mechanisms which will counter these attacks. In systems which use antivirus, there is a need to have updates from the companies and sometimes will be required to purchase an advanced system to counter attacks.
Many defense mechanisms will hinder delivery of services. This is because the strategies and the constraints that will need to be implemented will hinder the effective working of employees. They will be required to observe the constraints that have been put on the data.
Another issue is that of compatibility. There are other applications and information systems which are not compatible with other security mechanisms that are put in place. In this case, there will be disparity in security degree in the organization. In extreme cases, some defense mechanisms may corrupt some information systems and applications in the organization.
All in all, defense in depth should be encouraged and selective defense applied to applications and information systems so that those information systems which are not compatible with some defense mechanisms are left out and other strategies used.
References
Allen, J. (2003). The ultimate guide to system security. Boston: Madison-Wesley.
Andress, J. (2011). The basics of information security. New York: Elsevier.
Biesecker, A. (2004). Defense in depth: Core knowledge. New Jersey: AJBOOKS LLC.
Butler, C., Rogers, R., Ferratt, M., Miles, G., Fuller, E., Hurley, C., et al. (2007). IT security interviews: Why defense in depth should be implemented. Michigan: University of Michigan.
Dhillon, G. (2007). Information systems security and principles. New York: John Wiley & Sons.
Pfleeger, C., & Pfleeger, S. (2003). Security in computing. London: Prentice Hall Professional.