To protect themselves against intruders, societies in the past designed castles with moats, drawbridges, archers, etc. All these lines of defence enabled people to protect themselves and their property.
Protecting your business is done in the same way: you need multiple layers of protection to effectively defend against .
Examples include:
- managing and securing access to your IT system and network (more information in Theme 4 "Key Roles: Share the Responsibilities");
- protecting yourself with a firewall;
- equipping yourself with anti-virus and/or software, an intrusion detection system (IDS) and an intrusion prevention system (IPS), spam filters and filters, etc.;
- envisaging secure remote access to your network, via a virtual private network (VPN), if you are teleworking or working nomadically;
- securing your servers, if they are physically within your . If you use services for your IT infrastructure, make sure you have a backup solution if a problem arises with remote access to the virtual servers (internet outage, cyber-attack on the data center hosting the servers, etc.).
To use the castle analogy again, your firewall and access management are the walls around your and its drawbridge respectively: they serve as the first line of protection against intruders and allow you to grant access only to selected individuals.
The and anti-virus software represents your archers at the top of the towers, who can shoot at known enemies.
The intrusion detection system and intrusion prevention system (IDS and IPS) are the equivalent of your intelligence services. They help you detect when an enemy is pretending to be one of you.
Your spam and filters are your policemen, protecting your population.
As for the VPN, this is a bit like a secret passage that securely connects the outside world to your castle (for teleworking, for example).
Finally, your servers are your treasury, where you store a lot of . Your servers can be physical or virtual, which will be the case when you put all or part of your infrastructure in a .
Of course, just as not even the best castle defences were infallible, remember that not all your digital tools are perfect either. You can have a or tool and still get infected!
That is why it's important to update your digital tools (see Theme 7 "Updating: Stay Prepared") and train yourself and your employees, if you have any, to detect a attempt, spam, etc. (see Theme 3 "Raise Awareness: Your Plan in Practice").
Remember
- Castle in the Middle Ages
-
- Proliferation of lines of defence:
- perimeter walls;
- drawbridges;
- archers;
- intelligence services;
- police;
- underground passage
- etc.
- Cybersecurity for your business
- Proliferation of lines of defence:
- firewall;
- access control;
- and anti-virus;
- IDS and IPS;
- spam and filters;
- VPN
- etc.
Remember: your is not infallible! Always be prepared (theme 7) and raise awareness (theme 3).