What is Layered Security?

What is Layered Security?

Layered security is a security strategy that involves combining different security controls to form a comprehensive multilayered defense against cybersecurity threats. It’s also known as ‘defense-in-depth’, a term borrowed from the military tactic with the same name, whereby multiple layers of defense are used to delay an attack and cause it to lose momentum.
Layered security provides inherent redundancy. If one layer of security fails, another layer keeps the system and its data secure. To get through to the system, a threat would have to infiltrate every level of security. Layered security involves three main types of controls.


Layered security controls


Administrative controls
Administrative controls consist of policies and procedures put in place by an organization to minimize vulnerabilities. For example, these controls may include security standards that must be followed and procedures for handling sensitive data. Security officers are responsible for ensuring that these policies and procedures are upheld.
Physical controls
Physical controls include anything that physically protects the actual, physical IT system. It includes doors with locks, fingerprint scanners, CCTV footage, security guards and gates.
Technical controls
Perhaps the most complex of the controls, technical controls include software and hardware-based information security solutions. These prevent unauthorized access to the IT system and the data within it. A combination of different hardware and software solutions provide the best protection from the wide array of cyber threats out there. Examples of technical controls include traditional antivirus and anti-malware software, firewalls (which may be software and/or hardware), password security, email encryption and remote browser isolation.


For maximum protection, multiple solutions should be used for each type of control. Organizations must ensure that their chosen solutions are compatible. Together, the multiple layers of security should provide complete coverage, filling in any gaps through which cyber threats might access the system.


To learn how Ericom solutions can strengthen your layered security strategy, contact us (link to https://www.ericom.com/contact.asp).