Layered Security

As hackers' tools become more sophisticated, and instances of network intrusion become more widespread, every organisation needs to strengthen their security measures. Although no organisation's security system can be 100 % impenetrable, a layered security system, supported by a comprehensive information security policy, can significantly reduce the risk of attack by increasing the costs and resources required by the attacker to break through.

Organisations that have stopped short of implementing a layered approach, relying solely on the firewall/virus scanner approach, are taking a significant risk. While firewalls and virus protection are necessary, by themselves they address only one element of potential security risk and may contribute to a false sense of security.

Internal Security

Perhaps the most overlooked threats to internal network security are the threats posed by employee behaviour and intrusions from internal sources. A high proportion of security compromises are the result of actions by an insider, whether they are due to malicious intent or inadvertent user error, or by hackers. This threat will only continue to rise as enterprise systems become increasingly more complex. Vulnerabilities arise from flaws in the systems or from system configuration errors which can then be exploited by hackers or other malicious individuals to gain access to network assets.
   
Perimeter Security
Network administrators need to know who is accessing which resources and establish clear perimeters to control that access. An effective security policy balances accessibility with protection. Security policies are enforced at network perimeters. Often people think of a perimeter as the boundary between an internal network and the public Internet, but a perimeter can be established anywhere within a private network, or between your network and a partner’s network. A solid perimeter security solution enables communications across it as defined by the security policy, yet protects network resources from breaches or attacks. It controls multiple network entry and exit points. It also increases user assurance by implementing multiple layers of security.

Remote Security
Increasingly companies are becoming decentralised and the number of mobile employees, vendors and customers are growing. Hence, the need to connect to the company’s internal resources is rising as well. Technologies which facilitate this process enables companies to reduce overheads and to offer more competitive services. However, in extending the corporate boundaries to remote users, companies face increasing security concerns due to the fact that when you have people connecting to the network from the outside you have less control over their computers.