Difference between revisions of "Term:Defense in Depth"

From FISMApedia
Jump to: navigation, search
 
m (1 revision)
 
(2 intermediate revisions by the same user not shown)
(No difference)

Latest revision as of 00:40, 27 October 2009

NSA IATF 3-1

Defense in Depth - An approach for establishing an adequate IA posture whereby (1) IA solutions integrate people, technology and operations; (2) IA solutions are layered within and among IT assets; and (3) IA solutions are selected based on their relative level of robustness. Implementation of this approach recognizes that the highly interactive nature of information systems and enclaves creates a shared risk environment; therefore, the adequate assurance of any single asset is dependent upon the adequate assurance of all interconnecting assets.