Standard Cybersecurity Layers
You may be familiar with the "7 Cybersecurity Layers", or maybe you haven't heard mention of them. The name of each layer may differ from source to source, but the underlying principle is the same. We want to apply as many of the principles to your online activities as warranted by your type of business. A single owner appliance repair shop with an informational web page may not need network segmentation and/or data encryption at rest. We want to visit with you and learn how to best shape your layered security approach so that it makes sense.
If you are not familiar with the "7 Cybersecurity Layers" as a concept, just let us know and we'll break them down and review the underlying principles so you can make an informed decision. We'll provide you with the information you need to make an informed decision without needed to read pages of details. We find that a scenario based event description is a comprehensive tool for describing the priciples with high level abstracts.
Real World Categories
In the real world, these layers are summed up in 3 catgories; Prevention, Detection, and Response. Prevention is the protection we know we need; the firewalls to restrict access and encryption of data prevent unauthorized use. Then we have Detection for the protection we didn't think we needed; intrusion monitoring on the firwall and log shipping for data access monitoring. Lastly, we have Response to encompass anything we couldn't imagine; cold storage data backups and incident response plans to keep your business running if the unimaginable becomes reality.
- Access Control (Users)
- Network Endpoint Security
- Network Traffic Security
- Application Security
- Data Storage Security
- Data Access Security
- Business Continuity