Layer 1: Country Blocking
Especially if your business only operates in North America, it often makes sense to block prolific spam sources by country, across all ports and protocols. Admittedly, country blocking is a blunt instrument, and you might need to make exceptions for applications that are hosted in certain countries. But it can be an effective first step in limiting the number of threats you’re dealing with in a given month.
Layer 2: Hard Drive Encryption
Encryption continues to be a vital method of defense for many businesses, including those that are subject to HIPAA or other regulations that require it. By encrypting your workstation and server hard drives, you can protect sensitive data wherever it lives, including both cache and application data. Or at least you can make it harder to reach.
Layer 3: Endpoint Antivirus and Anti-malware
Every endpoint in your business should be protected with the latest antivirus and anti-malware software to defend against all forms of harmful software. The best solutions block hacking, phishing, spyware, adware, and other forms of attack in real time, preventing hackers from spreading themselves from endpoints to other computers across the business.
Layer 4: Managed Patching
It’s critical that you know when new security patches are announced for your operating systems and applications. With a managed patching solution, not only will you receive a notification but the patches can be installed immediately, ensuring that you are fully defended at all times.
Layer 5: Multifactor Authentication
Multifactor, or two-factor, authentication is the new standard that helps ensure only authenticated and authorized users can access your business-critical applications. With the right software, multifactor authentication can be applied to any business application, so users have to provide two or more pieces of evidence, or factors, to gain access to sensitive data and applications.
Layer 6: Email Security
To defend against the many attacks that enter businesses through email, it’s important to train employees to be on the lookout for phishing and other scams. You also need to set up robust email security solutions, including setting detailed firewall rules, automatically scanning all internal email traffic, and improving reporting so you always know which accounts have been compromised.
Layer 7: Threat-Aware Backup and Disaster Recovery
Backing up your data is itself a form of business protection—but backups also need to be protected. In fact, both data backup and disaster recovery solutions need to be at least as threat-protected and threat-aware as the rest of your business. Solutions are needed that provide full visibility into your backup process, so you can detect ransomware infections right away. You might need a purpose-built backup system that abstracts the backup data, and you’ll definitely want to test your recovery process on a regular basis to make sure you can recover fast.
Layer 8: Wireless Security
Wi-Fi networks are an attractive target for hackers, and they can be challenging to protect, especially as your organization grows. Comprehensive wireless security should restrict unwanted traffic, automate provisioning, and give you deep and broad visibility into your network. It’s also important to maximize network performance even as you prevent unwanted traffic from entering the network.
Layer 9: Mobile Device Security
Imagine the damage if an employee’s smartphone or other mobile device is hacked and the data leaked to the public or the competition. To prevent this, mobile device management (MDM) security needs to be added on top of the basic security built into the device. Encryption, access restrictions, remote management, and other features can help keep sensitive information fully protected.
Get the Security Solutions You Need
These nine layers of security are essential—but they’re only the beginning. Investing in a comprehensive portfolio of security services is a smart way to ensure you’re fully protected against the full range of existing and emerging threats. Learn more about developing an effective security awareness program.