Trusted answers to developer questions
Trusted Answers to Developer Questions

Related Tags

What is multi-layered security?

Affan Malik

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Overview

Multi-layered security is an approach in network security that deploys multiple security controls to protect the most vulnerable areas. These parts of the technology environment are where more breaches and cyber attacks occur.

This security approach aims to ensure that every component of the cyber security plan has backups to combat failures and breaches. These layers strengthen defenses and provide a solid foundation for cyber security programs.

An illustration of the benefiical outcomes of multi-layered security

Layers of security

A layered security strategy requires each layer to focus on a specific vulnerable area or vulnerability enhancement. These multiple layers of security protect data in case of a failure or breach somewhere in the system. If one level fails, another level blocks or eliminates the threat.

The diagram shown below depicts how the seven layers of security are implemented in real-time processes in applications.

An illustration of the seven layers of security in a real-time application

Some common types of security layers include:

  • Monitoring: This layer ensures what is happening in the environment and can correlate events in different parts of the background to understand the whole picture.
  • Network: This layer ensures the network is adequately protected, minimizes unnecessary services, uses secure baseline configuration, and ensures that the bandwidth is protected.
  • Internet: This layer confirms that access to the internet is monitored and protected. It also ensures that users who are trying to access the services from the internet are adequate and in-protection.
  • Users: This layer reduces privileged access to the minimum and ensuring user identity is correctly authenticated before a user has access. They are ensuring that users have adequate cyber awareness training.
  • Device: This layer ensures that device configuration adheres to a secure baseline and runs an effective antivirus and host firewall.
  • Prevention: This layer ensures that access to services by employees, partners, and the general public is adequately protected and remote employee access is secure.
  • Patch management: This layer ensures that updates are applied to user devices, servers, applications, appliances, and network devices promptly.
  • Data protection: This layer makes regular backups of data, ensures recovery works, understands what one owns, and ensures that we have the appropriate controls to protect the data.

RELATED TAGS

CONTRIBUTOR

Affan Malik
Copyright ©2022 Educative, Inc. All rights reserved

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Keep Exploring