When an individual, team or company has, unfortunately, been fighting a losing battle for months or years it is time to think bigger. Fighting against an invisible threat that seems to keep bypassing whatever strategy a you are using to protect yourself can be extended. If you look at air safety where your life is in strategy to keep a plane safe … there are many layers of protection that have to fail before something serious brings the plane out of the sky.
In game theory a winning player or athlete has many small factors all lined up to add together to give them a higher performance than their competition. So how does that translate to hacking and network and computer security. You know there are gaps – but getting through a single gap should not expose you to more and more problems … you should assume that all your defenses have vulnerabilities and can be breached.
It is also easier to make at least a basic effort on many layers than to put all your time into getting a single “layer” perfect. Perfection is very expensive in time and money. To be honest, you’ll not get perfection buy just buying a product from a company – all you are buying is a sales pitch and those rarely match the reality.
5 Layers to Secure your Office and Home
1. External Firewall IP and Server blocking lists with features such as IDS Intrusion Detection System (SNORT). We implement via pfsense hardware software and become your maintainer. Your commercial “router” doesn’t really have a firewall in most case
2. Internal Firewall – Password configuration on your PC itself. Making sure Microsoft Updates and config, Bitdefender are functioning.
3. Browser Defense – Sandboxie is a free product we can train you to use – virtualize changes to your PC where they don’t infect you instantly when you hit the wrong internet address.
4. Account Management (including 2FA protection) – your emails need extra protection or everything is at risk. Do you use or manage your two factor authentication properly. If you use a phone number to get SMS, that is quite unsafe and has lead to many people getting robbed!
5. Advisory and decision making
Some kind of understanding of all the above and how to ensure you work within safe limits. To be disciplined about how and what you will open via email, websites … and who you will trust. Even checking that the people who you trust are really talking to you by calling them or confirming they are who they say they are. This is only moderate security – its a minimum safe standard