What are horizontal security layers and how can this solution help my business?
Layered security is a method of implanting multiple types of security solutions to an organisation’s technology network to minimise the risk of an external cyber-attack that could damage or disable it. Such solutions are sometimes referred to as horizontal security layers. They serve an important purpose in today’s modern business environment for a few different reasons.
- First, the demise of traditionally installed software systems and the massive rise of cloud-based applications mean that it is much easier for external bodies to infiltrate a company’s data — with the potential of doing real damage by stealing data, disabling systems, and much more.
- In addition, the changing nature of the working environment and increase in the number of employees working away from the office, as well as carrying out work using their personal mobile devices, means that it is more difficult for the organisation to track, monitor, and protect the flow of data in and out of the business.
Gartner: top 7 security and risk management trends for 2019
What are my organisation’s weak spots?
There are a whole host of cyber-security risks that could infiltrate your business, and it can be difficult to protect yourself against them all. That’s why it pays to do a thorough risk analysis to make sure that you are targeting the areas that pose the biggest threats to your own business.
For example, you might need to re-examine your anti-virus software to make sure it offers strong enough protection, or re-visit your encryption process. Many companies have wide-ranging IT policies that, if implemented by all staff to the letter, offer added protection. In practice, however, it may not be being followed for various reasons, or staff might be not be educated well enough in the area, and therefore, unwittingly fall prey to otherwise easily-avoided malware attacks.
And then there is the question of third-party business partners such as vendors who may not follow the same security principles that your organization does, putting your own data in jeopardy.
How gamification can boost cyber security
How horizontal security layers can strengthen the security of my organisation’s data?
This is where horizontal security layers can help you. With hackers and phishing attacks becoming ever smarter and more targeted, you simply can’t rely on one or two interventions to protect your business, and you need to employ a wide-reaching strategy of prevention.
Here are some of the key areas to consider:
- Firewalls are barriers between your internal systems and external forces and should always be in place. Also, ensure your network is fully updated and secured.
- Anti-attack software can help prevent phishing and spam hitting your network. Anti-malware is also important to pick up and identify incoming attacks.
- Make sure that your internet applications are regularly updated so as not to leave vulnerable gaps in your systems for infections to target.
It’s also worth remembering that SaaS (software as a service) products that are hosted on the cloud generally offer multiple layers of built-in security to protect end-user data and the data on the platform. This is a great advantage to you as the user, as you can have confidence in the integrity and security of the software, as opposed to traditional software which you have to apply your own security to. Also, the horizontal security layers give you additional protection – if one part fails, you have additional backups to keep your data safe.
CASB, castles in the air, and why surprises lurk within cloud data security
Information Age spoke to Rajiv Gupta, the man who heads up cloud security business at McAfee. He told us why security professionals can react in horror to a surprising stat on how many cloud services organisations typically use, why they have enjoyed a road to Damascus moment regarding the cloud and security and what CASB has in common with castles in the air.
While the technology solutions above are critical to helping protect the integrity of your systems, of equal importance is a clear focus on educating and supporting your users to carry out their IT activities carefully and responsibly. Consider aspects such as ensuring you have up-to-date, easy-to-read IT policies and, crucially, monitor how they are being applied by your users. A workforce that understands its obligations towards IT security complies with the rules, and reports any concerns or issues to the IT team quickly is one of the best lines of defence against cyber-attacks.
Tackling the ROI conversation: why cyber security provides more than defence
Make sure your IT strategy doesn’t stand still
As malware infections and cyber attacks are constantly evolving, your strategy for preventing them and managing them needs to advance, as well. In addition to ensuring that you invest in the most up-to-date security measures, continuously monitor their effectiveness to make sure your protection is the best that it can be.
About the author:
Dinesh Varadharajan is the Vice President at Kissflow. He leads the product management team that looks after the company’s flagship workflow automation product.
Dinesh is a hands-on executive with a wide range of experience working with bleeding-edge technologies, developing great products and mentoring highly productive teams. He has profound knowledge in the design and technical implementation of BPM solutions.