For those who are new to the world of cybersecurity, it may seem disheartening to know that every security measure can (in theory) be defeated. There is a question of difficulty, but there is no known way to make your devices completely hack-proof. For instance, encryption does a great job of hiding your data, but it can sometimes be circumvented with social engineering attacks, keylogging malware, or other sneaky means.
Or, for another example, consider a firewall. It does a great job of protecting against previously-identified threats but is useless against unknown attacks. When you consider the fact that all of these measures have weaknesses, you might be asking yourself: How can I achieve good cybersecurity? In this article, we will explain one of the only solutions that can be trusted, and that is the concept of layered security.
Proof Of Concept: The TOR Network
We hesitate to mention the TOR network because it is often used for illicit and illegal purposes. However, it is also used for a lot of other things, particularly in countries that exercise a lot of online censorship. It has proven to be one of the most secure ways to access the internet, so it warrants a closer look. As you might have already guessed, it operates on the concept of layered security. As such, it provides us with a valuable proof of concept for this approach.
TOR stands for “the onion router,” and it is so named because it uses many layers of encryption. If someone manages to get through one of those barriers (which is no easy task in itself), there are still plenty of other layers that separate them from their objective. But, is it possible for a dedicated hacker to get through all of those layers? Probably not, because we cannot find a single case in which it has happened. That being said, people on TOR have been doxed through correlation-based methods and through compromised end nodes, so even TOR is not completely airtight.
There is evidence to show that the federal government has spent a lot of time and money on efforts to crack the TOR network. That kind of effort would not be necessary unless it represented a tough nut to crack. Of course, the average hacker does not have the expertise or resources of the FBI, and even they have a hard time with this one, so we can see that the concept is good.
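To make the "many layers of encryption" idea concrete, here is an added example (not part of the original article and not TOR's actual cryptography) that wraps a message once per relay and shows how far someone holding only some of the keys can get. The cipher is a teaching stand-in built from HMAC-SHA256, and the relay names, keys, message and function names are all constructed for illustration.

```python
import hashlib, hmac, os

NONCE_LEN, TAG_LEN = 16, 32

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (assumption for this demo): HMAC-SHA256 in counter mode.
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(key: bytes, inner: bytes) -> bytes:
    """Add one layer: nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, inner)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def peel(key: bytes, layer: bytes) -> bytes:
    """Remove one layer, or raise ValueError if this key did not create it."""
    nonce, ct, tag = layer[:NONCE_LEN], layer[NONCE_LEN:-TAG_LEN], layer[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered layer")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def build_onion(message: bytes, relay_keys: list) -> bytes:
    """Wrap for the last relay first, so the first relay's layer ends up outermost."""
    onion = message
    for key in reversed(relay_keys):
        onion = wrap(key, onion)
    return onion

def layers_removed(onion: bytes, keys: list):
    """Peel with the given keys in order; return (layers peeled, what is left)."""
    for count, key in enumerate(keys):
        try:
            onion = peel(key, onion)
        except ValueError:
            return count, onion
    return len(keys), onion

if __name__ == "__main__":
    guard, middle, exit_relay = (os.urandom(32) for _ in range(3))  # constructed keys
    onion = build_onion(b"hello from the client", [guard, middle, exit_relay])
    print(layers_removed(onion, [guard, middle, exit_relay]))  # all layers off
```

Whoever peels the last layer holds the message itself, which is why the compromised end nodes mentioned above matter even when every encryption layer holds.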
How Does Layered Security Work?
The TOR network is just one example of how layered security can be deployed. Another example would be a Linux-based operating system called Qubes. It’s an entire operating system based on the concept of encrypted compartmentalization. Instead of using various layers of network encryption, Qubes divides the hard drive into a number of encrypted “containers.” Thus, we can see multiple layers of security here.
There are plenty of other ways in which layered security can be used. The basic idea is that you make it much harder for a cyber-criminal to get your data by separating everything. Each layer is like another gate that must be rammed down before the hacker can reach their goal. After a certain point, intrusion becomes either impossible or near-impossible.
Layer 1: Your Perimeter
Your perimeter layer consists of anything that has direct contact with other devices. Obviously, your internet connection is the biggest part of this layer. Your connection to the server can be encrypted so that all data remains inside an encrypted tunnel. This tunnel has walls made of encryption, so it’s very hard for anything to get through. With how fast the data is traveling, there is no time for a brute-force attack, either.
There are three ways that you can encrypt your network connection:
- A VPN
- An encrypted server
- Web browser encryption
The VPN is probably the simplest (and also the most reliable) of the three. Web browser encryption is usually of the HTTPS variety and can be utilized on many websites. You can use browser add-ons like HTTPS Everywhere to maximize your usage of this encryption. As for the encrypted server option, that is definitely the most hardcore option. If you need to be absolutely sure about your security, a trustworthy server is a must, but it isn’t necessary for most people.
Layer 2: Software-Based Solutions
If an attacker should manage to get past your network encryption, the job then falls to your security software. First, let’s talk about firewalls. These are programs that choose which connections are allowed and which ones are not, according to a “safe” list. By keeping your firewall updated, you can ensure that any known threats will be blocked here.
Antivirus software is another part of this layer, but you can’t really rely on its protections. You should look at your AV software as an early-warning system and nothing more. Device management software is very important for large organizations, and it is also part of this layer. IT services should be consulted to determine the kinds of rules that are to be used.
Layer 3: Recovery And Mitigation
If an attacker should make it past your software safeguards, they have then reached tier three. At this point, they probably will be able to accomplish some of their goals, but there are many ways that you can cut them off and minimize the damage. Data backup and recovery are very important here, and you need to make sure you have backups that are stored offline. Social engineering hacks also fall into this category, as they automatically bypass layers one and two. When it comes to that, your only real defense is your own intelligence and caution.
This is just a quick and dirty rundown of a much larger subject, but we think you get the idea. Any single security measure can potentially be defeated, but a combination of them is another story. There are many ways in which you can mix protective measures to create the multi-tiered effect that you want. Of course, you can always call PCH Technologies at (856) 754-7500 if you would like to know more. We also offer managed IT support services, so you might want to ask about those as well.