As threat actors evolve the ways they attack your network to steal your data, your defenses must evolve as well to avoid becoming their next victim. A common method for doing this is to employ a “Defense in Depth” methodology. This uses layered protective controls to stop attacks where they enter and, when an attacker does find a way in, to detect them quickly and limit the damage they can do to your network. Some common protective controls in this type of strategy are:
- Multi-Factor Authentication – This combines something you know (such as your user name and password) with something you physically have (such as your cell phone or a token) that displays unique, regularly changing codes, which must be typed in to gain access to your network or a piece of software.
- Web/DNS Filtering – This type of technology can reduce your risk by limiting the places that your team can go on the internet and stopping them from going to known bad sites or sites that have been compromised.
- Strong Password Policies – Passwords should be long and complex, making them difficult for an attacker to guess or to break easily with password-cracking tools.
- Email Mailbox Monitoring – Email takeover is one of the largest growing threats to an organization. Monitoring your email mailboxes for indicators of compromise, such as new forwarding rules and unusual login activity, can quickly stop a threat actor from stealing your email information or intercepting your financial transactions.
- Network Monitoring – Watching the activity on your network for behavior such as lateral movement (moving from computer to computer), which is commonly used in ransomware attacks, can help reduce the damage that an attacker can cause.
- Employee Awareness Training – One of the best ways to protect your network is to educate your team. Help them understand the common types of things that an attacker will do so they can avoid clicking on the wrong link or typing their credentials into a compromised website.
These are all in addition to some of the traditional controls, such as a Next-Generation Firewall, Next-Generation Antivirus, and regular patching policies, which simply protect you from the common types of attacks that have traditionally caused harm to networks.
Employing a Defense in Depth methodology such as this will make it much more difficult for an attacker to gain access to your network and data, with the hope that if it is not easy for them to reach their goal in your network, they will move on to somewhere else.
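As an illustration of the Email Mailbox Monitoring control described above, here is an added example (not code from this article or from any mail provider) that scans mailbox audit events for the two indicators named there: new forwarding rules and unusual login activity. The event fields, the `ORG_DOMAIN` value and the sample events are assumptions constructed for the example; a real mail platform's audit log will use its own schema.

```python
from collections import defaultdict

ORG_DOMAIN = "example.com"  # assumption: the organization's own mail domain

# Constructed sample audit events; the field names are hypothetical.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T08:02:11Z", "user": "alice@example.com", "action": "login", "country": "US"},
    {"time": "2024-05-02T08:05:40Z", "user": "alice@example.com", "action": "login", "country": "US"},
    {"time": "2024-05-02T09:14:03Z", "user": "bob@example.com", "action": "login", "country": "US"},
    {"time": "2024-05-03T03:41:27Z", "user": "alice@example.com", "action": "login", "country": "NZ"},
    {"time": "2024-05-03T03:44:52Z", "user": "alice@example.com", "action": "new_forwarding_rule", "forward_to": "archive@mail-backup.example.net"},
    {"time": "2024-05-03T10:20:00Z", "user": "bob@example.com", "action": "new_forwarding_rule", "forward_to": "bob.assistant@example.com"},
]


def find_indicators(events, org_domain=ORG_DOMAIN):
    """Alert on forwarding rules that send mail outside the organization and on
    logins from a country new for that user (the first login sets the baseline)."""
    seen_countries = defaultdict(set)
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):  # ISO 8601 UTC sorts as text
        user = ev["user"]
        if ev["action"] == "login":
            known = seen_countries[user]
            if known and ev["country"] not in known:
                alerts.append((ev["time"], user, "login_new_country", ev["country"]))
            known.add(ev["country"])
        elif ev["action"] == "new_forwarding_rule":
            domain = ev["forward_to"].rsplit("@", 1)[-1].lower()
            if domain != org_domain:  # exact match only; subdomains count as external
                alerts.append((ev["time"], user, "external_forwarding_rule", ev["forward_to"]))
    return alerts


def accounts_to_escalate(alerts):
    """Users showing both indicators, the pattern worth reviewing first."""
    kinds = defaultdict(set)
    for _, user, kind, _ in alerts:
        kinds[user].add(kind)
    return sorted(u for u, k in kinds.items() if len(k) == 2)


if __name__ == "__main__":
    for alert in find_indicators(SAMPLE_EVENTS):
        print(alert)
```

In the sample data, the internal forwarding rule set by bob is not flagged, while alice's account shows both an unfamiliar login location and an external forwarding rule within minutes of each other.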