defense in depth

Defense in depth minimizes the probability that the efforts of malicious hackers will succeed. A well-designed strategy of this kind can also help system administrators and security personnel identify people who attempt to compromise a computer, server, proprietary network or ISP (Internet service provider). If a hacker gains access to a system, defense in depth minimizes the adverse impact and gives administrators and engineers time to deploy new or updated countermeasures to prevent recurrence.

Components of defense in depth include antivirus software, firewalls, anti-spyware programs, hierarchical passwords, intrusion detection and biometric verification. In addition to electronic countermeasures, physical protection of business sites along with comprehensive and ongoing personnel training enhances the security of vital data against compromise, theft or destruction.

Read more about defense in depth: - Victor Hazlewood outlines the fundamentals of defense in depth. - SecurityDocs.com offers several white papers relevant to defense in depth.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Awareness Training Essential Part of Infosec Program AWARENESS TRAINING Nothing circumvents pricey defense-in-depth faster than people; educating workers about security... How to lock down instant messaging in the enterprise Application security expert Michael Cobb offers several strategies enterprises can use to control, monitor and ultimately secure IM applications. Worst practices: Bad security incidents to avoid Some of information security's worst practices are just best ones ignored. Michael Cobb shares stories from the infosec trenches in this amusing set...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary non-disclosure agreement  (SearchSecurity.com) security policy  (SearchSecurity.com)