Sometimes when I talk to customers about improving network security they are quick to proclaim I have antivirus installed on my computers, thank you. But putting your faith totally in antivirus is dangerous, no matter what vendor or brand you use. Any single defense could be flawed. Firewalls, monitoring, awareness training, network audits, anti-virus, and encryption all serve a purpose. They protect a specific piece of the total computing stack that when combined provides a really good comprehensive strategy for protecting data. Layered Security is the basic core tenant for virtually every established security frame work including the International Standards Organization(ISO)27001 and the National Institute for Standards and Technology Cyber Security Framework (NIST CSF). Our recommendations for layered security is based on established and tested security best practices.
Examples of layered security
Layered security is not redundant. Instead, as described earlier it is about compensating for weaknesses in other tools. We commonly prescribe in addition to antivirus, firewalls, backup software, anti-spam and monitoring because they each provide a unique functionality for network security protection.
No perfect tool
I cringe when a customer tells me they have antivirus installed and they are good. I know that there is no perfect single product to protect your entire network. Thinking that technology is an "install it and forget it" solution is a common mistake. You must properly configure, monitor and manage security layers to have any chance of thwarting security mishaps.