What is a Balanced, Layered Cybersecurity Solution?

Cybersecurity is one of the top challenges for any company or organization, no matter what size or industry, you can be a target for cybercriminals and hackers. As these attackers become more and more sophisticated, they are using both technology and human behavior (social engineering) to hack your system. It is vital that companies take an active part in their cybersecurity efforts!

Keep in mind there is no silver bullet

Even though there are security companies claiming in their marketing efforts that installing their software will totally solve your network security issues. Truth is, there’s no one thing or one software that will keep you totally safe. Having a layered cybersecurity plan and continually having your system checked for vulnerabilities is the best and only way to protect your company.

What does “layered security” really mean?

The term layered security can mean different things. At Imagine IT, we think layered and balanced cybersecurity simply means when one layer “fails” there is another layer in place to cover it.


When the RAID (Redundant Array of Independent Disks) in a server fails, you need a backup for that failure. If that backup gets corrupted or fails, you need a backup from the past several days that your users can use. If that backup from a few days ago fails, you need to have a backup from a month ago that can be utilized. If that level fails, you need to have a backup in the cloud that can be retrieved or actually virtualized and used in the cloud. So, you should have at least 7 layers of protection for your backups. It sounds redundant, but in this instance, that is exactly what you want and need…redundant, layered, and secure!

Virus and malware protection

Virus and malware protection must have many layers. For layer 1, end-users are trained to not “click” on stuff they are not sure about. For layer 2, all email is scanned before it enters the user’s inbox. If that fails, for layer 3 the email can also be scanned by the firewall on the perimeter. For layer 4 within Office 365, there is Advanced Threat Protection (ATP) that actually opens each email and determines if there are viruses. You should also have services like Cisco Umbrella as a 5th layer that goes out to websites before the users land there to make sure the website is not infected.

User access

For your employees or other users to enter your system, you need a unique user name and unique, complex changing passwords that are at least 14 characters, along with dual-factor authentication and/or biometric authentication (fingerprints). You should also use other heuristic methods of authentication that include things like “impossible travel” when a user logs in from Minneapolis and then 5 minutes later from Russia, which is “impossible travel”, the system will deny access.

Consistent monitoring and reporting is critical

To have a successful layered security program it is imperative that your system is always monitored and there is a system for reporting any critical invasions. This includes an experienced person to monitor the system on top of all the security layers you have implemented in your total cybersecurity plan.

A balanced, layered approach will keep you secure

Cybercriminals and attackers will hit you across multiple layers, so this means your security must also be layered. To stop experienced attacks, your cybersecurity layers must be capable of slowing the attack down and allowing the network monitors to detect the hack before any damage is done.

As these cyberattackers continue to learn new ways to get through your defenses, it is critical that you choose a company that will put all these layers together…and help add new layers to your cybersecurity when necessary.