Enterprise Services
Showing results for 
Search instead for 
Do you mean 

To be or not to be 100 percent protected

Nadhan on ‎08-27-2013 01:56 PM

Today, there is simply no way to provide 100 percent protection,” says Steve Lazerowich, a security solution leader within the U.S. Public Sector practice for HP Enterprise Services. Adversaries – be they hackers, criminal elements, or nation states – can penetrate the enterprise information systems to the core. So what can the nations of today do? “The best approach is defense in depth,” says Lazerowich, speaking of a multi-layered approach to protecting systems. Let’s explore this further.

 Security Donut.png

Relishing the butter twist donut at Bill's Donuts in Dayton, OH, on a Saturday morning, I realized that I was not too far from the Wright Patterson Air Force Base. The Air Force Materiel Command (AFMC) at the base conducts research, development, testing and evaluation, and provides the acquisition management services and logistics support necessary to keep the United States Air Force weapon systems ready for war. It epitomizes an area that must be securely guarded.

Nations with such bases for various defense channels must have a layered approach to security – a concept that Christopher Peters calls out very well in his post on Layered protection for a mobile business. This concept can be applied to the federal government – the modern equivalent of a kingdom.


Going back in history, monarchs had perimeters of security in place. They would have outposts with guards on the lookout for adversaries on the prowl with a body of water – usually a moat – delineating their home base; serving as another deterrent with multiple layers of armed warriors guarding the innermost residence of the reigning monarch and family.


A layered approach to defending enterprises is not any different.


1.       Boundary: This is the outer periphery of the enterprise that represents the nation with firewalls and network intrusion prevention systems.


2.       Network: Intrusion detection systems monitor unauthorized network traffic raising the right security alerts.


3.       Platform: Platforms need their own end point protection; including malware protection, data encryption, and white listing technology. Patterns of incidents at a platform level can be used to identify unwarranted attempts of security violations.


4.       Applications: Applications, as the weakest link, provide the greatest opportunities to enforce security. Getting back to basics across the Software Development Lifecycle is vital. Are your applications holding the fort in your enterprise?


5.       Data: This is the pot of gold at the end of the rainbow for adversaries. Data Leak Protection is designed to further protect data by ensuring users can only access and use information needed to perform their specific roles. Data encryption is another layer of defense to prevent misuse should it fall into wrong hands.  


Defense in depth mitigates security challenges faced by national governments. Even so, it is not possible to guarantee 100 percent protection, because adversaries are constantly ahead in the game of cybersecurity. But that is no excuse to not take proactive measures across all layers of defense.


After all, the monarch of the enterprise is responsible for the security of all the subjects, including the customer in Bill's Donuts in Dayton, OH who would like to enjoy his butter twist donut in peace.


Connect with Nadhan on: Twitter, Facebook, Linkedin and Journey Blog.




0 Kudos
About the Author


Nov 29 - Dec 1
Discover 2016 London
Learn how to thrive in a world of digital transformation at our biggest event of the year, Discover 2016 London, November 29 - December 1.
Read more
Each Month in 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all