e-BooksSubscribeContact

What is defense in depth?

By Max from AzureGuru
Published in AZ-900 Training
January 16, 2021
1 min read
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.

The objective of defense in depth is to protect information and prevent it from being stolen by those who aren’t authorized to access it. A defense-in-depth strategy uses a series of mechanisms to slow the advance of an attack that aims at acquiring unauthorized access to data.

Layers of defense in depth:

Layers of defense in depth

  • Data
    • Stored in a database
    • Stored on disk inside virtual machines
    • Stored on a SaaS application such as Office 365
    • Stored in cloud storage
  • Application
    • Ensure applications are secure and free of vulnerabilities.
    • Store sensitive application secrets in a secure storage medium.
    • Make security a design requirement for all application development.
  • Compute
    • Secure access to virtual machines.
    • Implement endpoint protection and keep systems patched and current.
  • Networking
    • Limit communication between resources.
    • Deny by default.
    • Restrict inbound internet access and limit outbound, where appropriate.
    • Implement secure connectivity to on-premises networks.
  • Perimeter
    • Use distributed denial of service (DDoS) protection to filter large-scale attacks before they can cause a denial of service for end users.
    • Use perimeter firewalls to identify and alert on malicious attacks against your network.
  • Identity and access
    • Control access to infrastructure and change control.
    • Use single sign-on and multi-factor authentication.
    • Audit events and changes.
  • Physical security
    • Physical building security and controlling access to computing hardware within the data center is the first line of defense.

References:

  • What is defense in depth?

Tags

AZ-900Network Security

Related Posts

What are service-level agreements (SLAs)?
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Social Media