Layered security

From Wikipedia, the free encyclopedia

Layered security is a new term used by information protection and online security vendors that describes the practice of leveraging several different point security solutions to protect the digital identities and information of consumer, enterprise or government environments.

Vendors will sometimes cite differing solutions, but most can be grouped under consumer or enterprise categories.

Consumer Layered Security Strategy
• Extended validation (EV) SSL certificates
• Multifactor authentication (also sometimes known as versatile or two-factor authentication)
• Single sign-on (SSO)
• Fraud detection and risk-based authentication
• Transaction signing and encryption
• Secure Web and e-mail
• Open fraud intelligence network

Enterprise Layered Security Strategy
• Workstation and network authentication
• File, disk and removable media encryption
• Remote access authentication
• Network folder encryption
• Secure boundary and end-to-end messaging
• Content control and policy-based encryption

An ad-hoc security strategy can be sub-optimized with numerous vendors and an abundance of different, sometimes incompatible, security solutions and products. Seeking an entire layered security solution from a single vendor can sometimes help create interoperability, efficiency and cost-effectiveness.