The Core Layers Of Defense - 1237 Words

Internet of Things is a new technology that delivers communication among billions of smart devices via the Internet such as a smart car, vending machine, smart house, health system and business system, et cetera. Nearly 50 billion devices and sensors will be connected to the Internet by 2020 and most of them will perform their duties without having security. In addition, the critical missions of a massive interconnected device are security and interoperability. Hackers will use more complex tools and techniques to breach the network system. Hence, companies should establish strong security countermeasures and the best approach to provide better security by deploying a multilayer approach which is called Defense in Depth. Defense in Depth†¦show more content†¦A good policy should be concerned with providing data confidentiality, integrity, availability, resource protections, and also should be audited periodically. An example of policy is to send out critical data via the Int ernet, the data must be encrypted. The second part is procedures: which are a detail of the steps and documentations that explain how a particular function or job should be done. For instance, a detail instruction which tells how a particular program should be installed. The last part is the awareness and training which is very critical to take into consideration. Thus, all employees should be trained and aware of general security by providing them with security training whenever it is necessary and educate them about cyber security. The second approach of Defense in Depth is application security: applications are programs which are run by users for multi-purpose tasks. Users directly interact with applications, such as internet browsing and using email; therefore, applications have more associated with security risk and vulnerability. Vulnerability is the weaknesses of a system which hackers may take advantage of and can compromise the system. There are a lot of way to protect applications from intruders, such as vulnerability scanners which is tools and programs used to detect vulnerability before the attacker compromises the system. Another security tool is the penetration test which breaks into network systems after finding the