Enterprise Services
Showing results for 
Search instead for 
Do you mean 

To be or not to be 100 percent protected

Nadhan on ‎08-27-2013 01:56 PM

Today, there is simply no way to provide 100 percent protection,” says Steve Lazerowich, a security solution leader within the U.S. Public Sector practice for HP Enterprise Services. Adversaries – be they hackers, criminal elements, or nation states – can penetrate the enterprise information systems to the core. So what can the nations of today do? “The best approach is defense in depth,” says Lazerowich, speaking of a multi-layered approach to protecting systems. Let’s explore this further.

 Security Donut.png

Relishing the butter twist donut at Bill's Donuts in Dayton, OH, on a Saturday morning, I realized that I was not too far from the Wright Patterson Air Force Base. The Air Force Materiel Command (AFMC) at the base conducts research, development, testing and evaluation, and provides the acquisition management services and logistics support necessary to keep the United States Air Force weapon systems ready for war. It epitomizes an area that must be securely guarded.

Nations with such bases for various defense channels must have a layered approach to security – a concept that Christopher Peters calls out very well in his post on Layered protection for a mobile business. This concept can be applied to the federal government – the modern equivalent of a kingdom.


Going back in history, monarchs had perimeters of security in place. They would have outposts with guards on the lookout for adversaries on the prowl with a body of water – usually a moat – delineating their home base; serving as another deterrent with multiple layers of armed warriors guarding the innermost residence of the reigning monarch and family.


A layered approach to defending enterprises is not any different.


1.       Boundary: This is the outer periphery of the enterprise that represents the nation with firewalls and network intrusion prevention systems.


2.       Network: Intrusion detection systems monitor unauthorized network traffic raising the right security alerts.


3.       Platform: Platforms need their own end point protection; including malware protection, data encryption, and white listing technology. Patterns of incidents at a platform level can be used to identify unwarranted attempts of security violations.


4.       Applications: Applications, as the weakest link, provide the greatest opportunities to enforce security. Getting back to basics across the Software Development Lifecycle is vital. Are your applications holding the fort in your enterprise?


5.       Data: This is the pot of gold at the end of the rainbow for adversaries. Data Leak Protection is designed to further protect data by ensuring users can only access and use information needed to perform their specific roles. Data encryption is another layer of defense to prevent misuse should it fall into wrong hands.  


Defense in depth mitigates security challenges faced by national governments. Even so, it is not possible to guarantee 100 percent protection, because adversaries are constantly ahead in the game of cybersecurity. But that is no excuse to not take proactive measures across all layers of defense.


After all, the monarch of the enterprise is responsible for the security of all the subjects, including the customer in Bill's Donuts in Dayton, OH who would like to enjoy his butter twist donut in peace.


Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.




About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
1-3 December 2015
Discover 2015 London
Discover 2015 in London, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
November 2015
Software Online Expert Days
Join us online to talk directly with our Software experts.
Read more
View all