Layered security is sometimes also referred to as “defense in depth" or “layered defense." Despite the fact that the terms are used in substitution, they do not mean the same thing. Layered security refers to using more than one security program to protect your computer. The defense in depth approach refers to a more broad approach to computer security that includes more components than those of layered security.
Layered security is a security approach that anyone can use regardless of how many computers their network involves. The basic premise behind it is that by using only one program, they security is flawed and is going to leave the computer(s) open to other threats. The only way to leave a computer completely safe from all security threats is to turn it off, because no matter all the security mechanisms you have in place, you are still susceptible to threat. Of course, with layered security, you'll be more protected because you'll have more than one program working to protect your computer.
It is important to realize though, that this term of layered security does not consider multiple instances of the same provider to be effective. For example, if you have installed the McAfee Anti-Virus program, the firewall, and the anti-spam program, you are not using layered security because all of these programs come from the same vendor. Though these tools work together to cover each other and their potential pitfalls, this is not layered security, so much as “redundancy." Many companies like McAfee and Norton offer a suite of programs stacked together to appear as layered security for home users.
The steps of layered security include:
- Identifying what is important and valuable information.
- Backing up said information—frequently, to keep it updated in the event you ever need it.
- Choose a firewall to keep your system protected.
- Choose a security suite that fights against malware.
- Update this software frequently to keep your computer protected against threats.
- Encrypt any data you take with you in a laptop.
- If you use wireless networking, do not leave your network open. Make sure to address security by requiring the network to use authentication and encryption.
- Practice care when using mobile phone and PDA devices because there are less protection available for these devices. Download and install updates and patches immediately as they become available from the device manufacturer.