Return to blog index

Defending Your Business with ‘Defense in Depth’: How It Compares to Securing Your Home

In this video, Matt explains how the “defense in depth” security strategy can be compared to securing your home by having multiple layers of security measures in place, such as locked doors, windows, alarm systems, and security cameras.

Posted on · Last updated on

Hi, my name is Matt Mulcahy.

I’m the Director of Business Development at ProSource.

And today I wanted to talk about defense in depth.

Defense in depth is an approach to layer security solutions

in order to build a strong security fabric.

This could be very confusing on the business side,

so I wanted to take a look at home security and how it’s very close

to securing a business setting.

I’ve made a simple table here that takes some really basic home

security items, and shows how you can secure a business

in a very similar fashion by layering different types

of security solutions to build a very strong security fabric.

The first item we’ll look at is alarm systems on the home side.

On the business side, the SIEM/SOC combo is a very similar solution.

Security Information and Event Management,

or SIEM is the acronym, is software that is continuously

monitoring all the events and alerts going on in an environment.

And when something not right happens, you know, it’s alerting

that Security Operations Center (SOC)

where a human element is going to investigate

— just like ADT or Simplisafe does when someone breaks

a window or tries to get in, they’re going to call the police for you.

On the business side, that’s really the,

you know, the digital police taking a look at things.

Something fundamental to every home is door and window locks.

That’s stopping people

from getting into your home and it’s really securing the perimeter.

So on the business side, that’s your firewall.

That’s stopping those malicious actors at the edge from

getting inside your digital business.

The next one we’ll look at is motion detectors.

So when you’re away, you want to monitor the environment,

sometimes when you’re home you may want to monitor certain environments.

And on the business side, something similar would be an XDR solution

or an EDR solution, which is really monitoring all of

your digital environments and looking for the things that aren’t quite right.

So when you’re away from your home and something moves,

you want that alert to go off, even if it’s legitimate.

So on the business side, you might see something as legitimate,

but it might be malicious or have malicious intent.

And those XDR solutions are using, you know, behavioral analytics

to understand that something might look legitimate,

but it might be awry and it’s alerting the appropriate teams.

Next is more intelligence focused.

So, you know, you watch the news

every night to understand what are the threats in your community.

It might be a new technology being used to steal cars.

It might be a group that is penetrating your home in a certain manner,

and it’s understanding the threat landscape

and how those actors are using different methods to get in.

On the business side, you need to keep up to understand,

you know, what are the ransomware gangs doing?

What are the malicious actors doing to compromise businesses?

And make sure your cybersecurity planning and strategy

is aligned to protect against those.

This is an easy one.

Install cameras in your home and your business.

Make sure you have a DVR.

Make sure your cloud storage is adequate to retain that footage

for as long as you believe necessary.

It’s common to have a safe in the home.

Those safes are for your most valuable assets.

On the business side, you need to identify

your most valuable assets, and most of the times that’s data.

Depending on what industry you’re in or what business type you have,

that data could be different.

It could be Protected Health Information (PHI), it could be financial information,

it could be CUI — classified, er I’m sorry — Confidential Unclassified Information.

And really, it’s important to identify, encrypt,

and secure that information at a business setting.

Last but not least, you need to know who has access

to your home and know where those keys are.

So you wouldn’t just copy a bunch of keys to your house and give them to everyone.

Or if you have smart locks, you might make codes

that are different for certain people.

On the business side, that’s

really understanding your identities and making sure you know

who has access to your data and your business systems at all times.

So I just wanted to cover, you know, real simply

some home security items, how they align to business security.

And by no means is this comprehensive, but this is just a couple

that came off the top of my head and I wanted to touch on.

So if you have any other questions about layered security or defense in depth

or have questions about other examples, I’m happy to chat.

Once again, my name is Matt Mulcahy.

I’m the Director of Business Development at ProSource

and I hope you have a great day. Thanks.

Speak with an IT expert

Schedule a free, 30-min consultation with one of our IT experts — if, after the call, you didn’t get any value, we’ll buy you a coffee!

Check out our resource library

We’re always adding new content to our digital library. Our blog articles, guides, and customer stories cover a broad spectrum of topics like emerging tech, industry-specific regulations, and security best-practices — just to name a few.