What Shrek Can Teach You About Cybersecurity
Why a Layered Approach is Best
If there’s one thing Shrek is adamant about, it’s layers. He’s no one-dimensional being – he’s made of many different elements.
Layers don’t just apply to ogres; they’re essential in cybersecurity, too. Even a tiny gap in your network protections is enough for a hacker to squeeze through.
Depending only on the built-in security capabilities of your apps and hardware leaves your network security looking like swiss cheese. Think of all the holes you could be leaving open for cyber criminals to exploit by:
- Poor password management
- Unrestricted file/folder access
- Untrained employees who don’t know what a phishing email is
- Not using encryption
- Unsafe remote access policies
- Putting off removing ex-employees from the system
- And the list goes on
Gaps like those are why 1 in 5 small businesses will suffer a cyber breach this year. But there’s also some good news. Today’s security technology can prevent 97 percent of breaches – 97 percent! What’s the secret to such effective cybersecurity? You guessed it – layers.
Good Cybersecurity is Like Onions
No one vendor or solution is the magic bullet that prevents all threats. If there was, we wouldn’t be having this conversation. Instead, you need a variety of tools and resources working together to provide maximum protection for your devices, data, and networks.
A layered approach means having protection in place at critical points along the path a cyber breach takes. There are four basic security layers.
Your outermost layer is pre-network protection – protection that stops an attack from even getting into your network in the first place. This includes tools like anti-spam and employee awareness training (to prevent malicious downloads and phishing).
If an attack makes it into your network, your second protection layer – breach notification – alerts you when suspicious activity is detected. This lets you isolate the attack before it spreads to the entire network.
Spread prevention is your third layer. Tools like anti-virus, anti-spoofing, and threat monitoring fit here.
Finally, there’s the information security layer. This is where you have the resources to lock down your data and devices to keep an attack from getting to your vital information.
Security Audit – A Necessary First Step
You can’t fix what you don’t know is broken. A comprehensive security audit shines a spotlight on any security gaps. A good audit should look at items such as:
- Spam filters
- Password policies
- User training
- Web filtering
- Equipment patches
- Mobile device management
- Data backup and disaster recovery
ITP offers an industry-leading network security assessment to help you determine where you are today and what you need to do to establish effective, layered protection. Just visit our Security page or contact us at . You can even start evaluating your network right now with our simple checklist.
15 Ways to Protect Your Business From a Cyber Attack