Securing Home Computers with Defense In-Depth Strategy
To ensure that the information is secured during process, storage and transmission certain security measures are to be taken by the users of that information.
Following sections will describe certain tasks that are to be performed by the user to secure the computer systems being used at home and information stored or processed therein.
These tasks broadly involve steps to prevent computer security incidents.
The Defense in Depth Approach for the Home User
A defense in depth strategy is the traditional one adopted to afford the defended area the strongest and most resilient protection. In the case of the home Internet user, the defended area is the user’s data. As shown in Figure 1, defense in depth for the home user consists of defensive measures adopted in four layers, namely: network access; the operating system; user applications; and data. At the center of the defended area is the most valued component of the defended area – the user’s data.
Figure-1: Most common Intruder methods used against home computers
Attacks Defensive Layers
Figure-1: Most common Intruder methods used against home computers This layered approach is required since even the most expensive firewall controlling network access cannot effectively control traffic content. For example, most firewalls will allow an e-mail attachment containing viruses. These viruses may be cleaned at the operating system layer by anti-virus software if they are recognized. However, if they are of an unknown type, then the final defense is at the data layer where the user opens the e-mail attachment with care. Apart from this, user data is protected by means of rights & privileges and encryption techniques.
To be effective, defensive measures at each layer must be based on the threats to the defended area. The recommended defensive measures at each layer of the defense vary as shown in Figure 2.
Of course home user should consult their system support personnel for advice.
Figure-2: Defense in Depth – Defensive Actions at each layer