Fundamentals of Security
Building a perimeter of anti-virus applications is not feasible in this digital era, as many anti-virus apps are in fact loaded with malware. One has a friendly face, then out of nowhere… POW! It gets you through your unpatched vulnerability.
Cyber Security boils down to three fundamentals: Prevention, Detection & Recovery.
The idea is to provide layers of defence from the ground up for each stage of your security defences before building your perimeter of anti-virus layers. When one layer of your defences fails, another layer continues to protect you in its place. This provides you with a multi-scaled contingency plan.
PREVENTION
This can include encrypting files and ensuring the key is out of reach. Prevention by defence: eliminating access to your files and mitigating the risk of potential compromise of those files.
DETECTION
This could be setting up something called a canary: planting a deliberate trap that the hacker or malware triggers, so you are notified when there is a rat in the barracks. This can be in the form of an aptly-titled document like ‘passwords’ to bait a hacker into taking a bite.
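The canary described above, as an added example that is not part of the original article: a bait file is planted and a later check reports whether it was changed, replaced or removed. The file name, decoy content and function names are assumptions chosen for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def fingerprint(path):
    """Return the attributes compared later: content hash and inode number."""
    digest = hashlib.sha256(Path(path).read_bytes()).hexdigest()
    return {"sha256": digest, "inode": os.stat(path).st_ino}


def plant_canary(directory, name="passwords.txt"):
    """Write a bait file (hypothetical name) and return (path, baseline)."""
    path = Path(directory) / name
    # Constructed decoy content: looks valuable, grants access to nothing.
    path.write_text("vpn: decoy-user / not-a-real-password\n")
    return path, fingerprint(path)


def check_canary(path, baseline):
    """Compare the canary with its baseline and return a list of alerts."""
    # This catches tampering; noticing a plain read needs OS-level file auditing.
    if not Path(path).exists():
        return ["canary missing: deleted or renamed"]
    current = fingerprint(path)
    alerts = []
    if current["sha256"] != baseline["sha256"]:
        alerts.append("canary content changed")
    if current["inode"] != baseline["inode"]:
        alerts.append("canary replaced by a new file")
    return alerts


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        canary, base = plant_canary(d)
        print(check_canary(canary, base))   # untouched canary, no alerts
        canary.write_bytes(b"\x00" * 64)    # simulate something overwriting it
        print(check_canary(canary, base))
```

Run the check on a schedule and send any non-empty result to whatever alerting you already use; keep the baseline somewhere the canary's visitor cannot rewrite it.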
RECOVERY
Backup, essentially. Having the ability to recover lost data.
The principle being:
- If you can’t prevent an attack, you have the ability to detect it.
- If you couldn’t detect the virus, you have the ability to recover from it.
It is important to utilize these fundamentals of defence, but in much greater detail, implementing a multitude of defences at each stage on the assets you want to protect.
This is not complex. This is a case of maybe altering behaviour if necessary, and using capable technology in the right place to provide you with an in-depth approach to defence.