Deep Defense System for IT security

Enterprise IT systems face various kinds of security threats and must implement security controls to mitigate them. Different threats must be treated with different security countermeasures. As shown in the diagram below, the information assets on the hosts are presumed to be the most important to protect. Internet hackers, internal abuse, mis-operations, and other threat sources must be taken into consideration when designing a defense-in-depth security system. Host-based access control, audit, IDS, firewalls, and central security management software are what you can make use of. The challenge is to balance the security investment against the outcome, so you should perform a risk assessment to quantify the security risk and its distribution across assets, lines of business, and so on.




4 Responses to Deep Defense System for IT security

  1. Why says:

    + P D C A
    | Know Risk
    | Get Secure
    | Stay Secure
    | Improve Security
    | Defense in Depth
    v / \
    Level Layer
    People Process Technology
    | | |
    / | \
    Enemy Self Partner

    Alert: as soon as possible
    Defense: mitigate threats, ahead of threat
    Monitor: control
    Response: expect the unexpected

    SO, several MATRIX at above …

    Happy Thinking!

  2. Why says:


  3. Richard says:


    hey, btw, brother, you remember the new domain name: why not,,

  4. Why says:

    I was originally going to register, but someone beat me to it.
