Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday March 24 2017, @02:23AM   Printer-friendly
from the onions-have-layers dept.

The principle of Defence in Depth ("DiD"), says OWASP (Open Web Application Security Project), is that "layered security mechanisms increase security of the system as a whole". That is, if one layer of protection is breached, there's still the opportunity for the attack to be fended off by one or more of the other layers. If anyone's ever drawn something that looks like an onion on the whiteboard – a load of concentric layers with your infrastructure in the middle – that's the concept we're looking at. It's actually a military term that's been adopted by security types in the IT industry who want to be tank commanders when they grow up.

On the face of it it's a pretty simple concept to understand. Rather than just having (say) anti-malware software on your desktop computers, why not also make your Web downloads go through a filter that has malware protection on it too? And yes, this helps. But to do it properly you have to step back a few strides and have an overview of your world: although it's going to cost me 50p in the buzzword swear box, I'm going to say "holistic view".

I secure my systems by naming things like Perl regular expressions. Attackers instantly go cross-eyed and fall over.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by driverless on Friday March 24 2017, @11:16AM (1 child)

    by driverless (4770) on Friday March 24 2017, @11:16AM (#483594)

    That should actually be pretty safe. Who in their right mind would want to break into, or steal, a system running that sucking-chest-wound of an OS?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by bob_super on Friday March 24 2017, @05:09PM

    by bob_super (1357) on Friday March 24 2017, @05:09PM (#483748)

    So, the ultimate security is Windows ME, because nobody in their right mind would trust it to hold important information?