Layered Defense in Depth Model for IT Organizations

Security methodologies are constantly changing and improving hence becoming a challenge for IT organization to keep their posture up-to-date and effective. It may be productive to examine different security postures to create and improve organization’s information security architecture. This paper discusses about defense in depth model and strategy to implement it effectively. Also fructification of each layer of model presents vast variety of implementation alternatives and adoptability according to the design and architecture of organization. Tactically, security is incomplete without proper assessment of assets, risks associated with them and policies to control these risks; the outermost layer of the model covers all these aspects. Well defined policies and procedures aid in designing best security practices for any organization. Security issues do not solve magically but administrators have to evaluate different methodologies to consider as best practice for their organization. Keywords—Defense in depth, Information Security Methodology, Network Defense, Network Security, Security Architecture,