Every day thousands of people fall victim to some form of information theft or security compromise. As these attacks increase in number and sophistication, it becomes more difficult to shield oneself by relying on only one countermeasure (e.g., antivirus software). A defense strategy based on a single layer of protection will fail because attacks come in multiple forms. The best defense is one that employs multiple layers. To this end, it is recommended that you use a 'Defense in Depth' strategy. Defense in Depth uses multiple, independent layers to protect your computer and the information it contains. If one layer is breached, the other layers can still provide protection. Listed below is a typical 3-layer strategy:
The First Layer-You:
Defending your information begins with you! Technical controls can be bypassed and defeated by clever attackers who exploit careless or gullible people. The good news is you can avoid becoming a victim by educating yourself about the risks associated with using the Internet. As with any other aspect of life, some behaviors are riskier than others. Downloading software from the Internet often installs spyware. Ordering products in response to spam guarantees more spam. Clicking on questionable email attachments installs malware. The first layer of defense is shunning risky behaviors.
The corollary to avoiding at-risk actions is to embrace best practices. There are positive steps you can take to safeguard your information. Some of these steps may seem inconvenient. However, none of them are as inconvenient as recovering from a stolen credit card or other forms of financial fraud.
The Second Layer-PC Defenses:
The next layer of computer defense is comprised of the security settings of your operating system and the security software installed on your PC. The security settings include using strong, complex passwords on your computer's accounts, automating critical updates, and making sure any firewalls bundled with your OS (e.g., XP Pro) are active.
Security software includes third-party firewalls, and anti-malware tools such as Symantec antivirus and anti-spyware products. All three are necessary for an effective defense.
The Third Layer-Network Defenses:
As long as your PC is on and physically connected, it is talking to the network. Being connected to the Internet makes you susceptible to attacks from the outside.To help lessen this threat, the University at Albany employs a number of protective measures at the network level. Firewalls and sensors are used to block and monitor suspicious or malicious traffic. When a University system exhibits symptoms of a hack, the machine is blocked from using the network to prevent it from becoming a threat to other campus systems.
