Strength in numbers: taking a layered approach to information security

Resources
Ernest Anamalu
Ernest Anamalu
Information Security Analyst, Payworks

Ernest leverages several years of experience in defense-in-depth technologies, policy management and security system implementation in his role at Payworks, where he devotes his skills to evolving endpoint security/vulnerability management and security awareness.
Analyste de la Sécurité de L'Information

Ernest met plusieurs d’années d’expérience dans les technologies de protection avancée, la gestion des politiques et la mise en œuvre des systèmes de sécurité au service de Payworks, où il met à profit ses compétences dans le but d’améliorer la gestion des vulnérabilités/de la sécurité des points terminaux et la sensibilisation à la sécurité.

When an employee browses the web, they’re unknowingly connecting to hundreds, if not thousands, of information systems to download and view the content on their screen, even if they’re just accessing a single website. It’s impossible for users to identify and assess the safety of each of these individual sources, which is why a robust information security system needs to be in place.

Why multi-layered security?

By establishing a multi-layered approach to security, those connections need to pass through multiple unique controls and defenses before the pages and content can load. Those defenses can include a combination of technologies such as a firewall, web protection, anti-malware, ad blocking and many more. This way, if one line of defense is compromised, other defenses are in place to continue protecting your business (referred to as defense in depth or “the castle approach”).

How “the castle approach” can protect your organization

Defense in depth essentially echoes the tiered defense system of a medieval castle, with people, process, and technology each playing a key role. Today’s reality is that there’s no uniform or blanket system that can successfully protect a company’s systems and networks, and the vastness of the digital realm means there’s an array of potential hackers with various ways and means of attempting to obtain sensitive information.

A defense in depth approach can be leveraged whether an organization is using one device or thousands. By combining and applying layers of security, businesses are more likely to have the right security in place to better protect their systems and networks against an array of potential hacking methods.

Defense in depth is only a small piece of a much larger picture when it comes to information security and protecting your business from cyber threats. Apply the concept of defense in depth and always strive to improve your information security practices.

Interested in a Demo or more info?

We would be more than happy to show you how to get the most from our suite of workforce management solutions. Simply contact your sales representative at sales@payworks.ca  to start the conversation.