In many ways, digital security works along very similar lines to real-world security. For instance, the more valuable something you have to protect is, the more precautionary measures you take. The best security measures usually happen in layers. In order to reach the ultimate treasure trove or mother lode of valuables, you have to penetrate several layers of security. Each layer is designed specifically to pare down the number of parties with access until only a select few are able to access areas where the items of most value are contained.
How Does Digital Security Work?
Think of a modern secure office building. When you enter the building, you generally have to pass a desk of security guards watching a bank of monitors. The security guards are not just watching who enters the building through the front door, but every access point around the building. That is the first level or layer of security. If something even appears to be suspicious, the guards can go investigate.
Once you make it past the security guards, you may then have to use a keycard to get you past a bank of turnstiles. If you don't have a keycard, you have to go back and verify your identity and your reason for being in the building before security will let you through. This narrows down the number of people that have access to the building itself to only employees and expected visitors.
Once you are in the elevator, you may have to again insert your keycard to access a certain floor and then again to access the outer door to your office. Areas containing more sensitive data or expensive equipment may even use retina or thumbprint scanners to gain access. Each of these checkpoints is a layer of security designed to slowly narrow down who is and is not allowed in various locations.
Internet security is designed in much the same way as real-world security systems. Creating layers of digital security require users to verify their identity and credentials at numerous "checkpoints" throughout the process of accessing the most sensitive data. A number of unauthorized individuals may be able to make it on to an elevator, but that doesn't mean they can access a floor, an office or a secured room within the office. At each checkpoint, credentials are scrutinized more carefully, which offers multiple opportunities for unauthorized users to be identified and denied access long before they reach the most sensitive and valuable material they are after.
What is the Difference Between a Security Breach and a Data Breach?
A security breach occurs any time an unauthorized user gains access to any area they are not authorized to be in. This does not mean, however, that they are able to cause any harm or do any damage. This is exactly the reason for layers of security. You can think of it as being similar to a thief making it into the elevator of a secure building, but not to the floor they are attempting to access much less the secure area where valuables may be stored. A security breach occurred the minute they walked in the door but that does not mean they were able to do harm or cause damage.
The same way security personnel are tasked with apprehending unauthorized users before they actually penetrate secure locations, internet security protocols perform the same function. For instance, most users are not aware that every time they log on to a specific website, the IP address they are logging in from and the unique ID of the device they are using is being checked against stored information from previous logins.
If users attempt to sign in from a new device, it will generally trigger secondary protocols that require them to further validate their identity. These can include things like entering a code sent to a previously registered mobile phone number or email account or answering pre-arranged security questions. This helps prevent unauthorized users from being able to access an account by simply obtaining login credentials such as a user name and password. Even if an unauthorized user gains access to an account, however, they still may not be able to do much once they are in due to further security measures. For instance, they may not be able to change a user's account information in order to take over the account without a biometric scan such as a fingerprint or facial recognition scan.
A security breach occurs as soon as an unauthorized user penetrates one layer of security but multiple layers of security make it much harder to actually access data the security measures are designed to protect. Once data has been accessed, then it is a data breach but until then, it is a security breach.
Ready for the next step?
Spot user behaviors and device information that’s suspicious, and stop those fraudsters in real time. We track billions of devices and our fraud analysts add evidence to make this intelligence even more effective.