Defense in Depth (computing)
From Wikipedia, the free encyclopedia
Defense in Depth is an Information Assurance (IA) strategy where multiple layers of defense are placed through out an Information Technology (IT) system and addresses personnel, technology and operations for the duration of the system's lifecycle.
Defense in depth is originally a military strategy which seeks to delay rather than prevent the advance of an attacker, buying time by yielding space. The placement of protection mechanisms, procedures and policies are intended to increase the dependability and assurance of an IT system where multiple layers of defense prevent direct attacks against critical systems and prevents espionage. In terms of computer network defense (CND), defense in depth measures should not only prevent security breaches, but buy an organization time to detect and respond to an attack, therefore reducing and mitigating the breach's impact.
The IA Task Force uses the following framework to create a common terminology and partition IA technology in a user environment:
- Computing Environment
- Enclave Boundary
- Networking Infrastructure
- Supporting Infrastructure
[edit] See also
[edit] References
[edit] External Links
 |
This computer-related article is a stub. You can help Wikipedia by expanding it. |
