A well-designed security architecture seeks to eliminate, or at least minimise the number of points where a single failure can lead to a breach. The controls that make up each of the layers of security for an organisation can include technical controls, administrative controls, and physical controls that prevent, detect, or correct issues. The foundation of most security designs relies on the concept of defence in depth.

In other words, a single defensive measure should not be the only control preventing an attacker (or a mistake!) from creating a problem. Since there are many potential ways for a security breach to occur, a wide range of defences must be layered together to ensure that a failure in one does not endanger sensitive data, systems, or networks. One of the most important concepts for defence in depth is the idea of layered security. This means that each layer of security adds additional protections that help prevent a hole or flaw in another layer from allowing an attacker in. Each additional layer adds protection, from application layer security that protects the methods used to access the data, to endpoint system security like data loss prevention software.

Layered security can be complex to design. The interactions between security controls, organisation business needs, and usability all require careful attention during the design of a layered security approach. What may seem like an impossible feat, we here at Barton Cyber+ can make this a stress free process by combining years of experience and expertise.