Drupal-based Defense-in-depth Strategy Protects Data [August 28, 2014]
By Todd Akers
In medieval times, an intricate combination of towers, drawbridges, city walls, moats and harbors protected castles from all fronts. This intricate system provided an effective and layered defense from potential threats.
As the federal government seeks ways to contain and manage massive influxes of data, IT managers are taking pages out of the medieval defense rulebook by adopting “defense-in-depth” strategies that use complex, multi-layered approaches to information security. With defense-in-depth, federal IT managers use holistic strategies to analyze and identify potential threat vectors, including internal and external threats. In the process, they can secure their defenses as if they were leading the king’s protection forces.
Federal IT managers are practicing defense-in-depth while using open source software like Drupal for web development and content management. In fact, hundreds of federal sites – all of which demand a high level of security – are powered by Drupal.
Drupal offers a firm foundation for the strategy, specifically because it uses open source software that enjoys the support of a global community. This includes tens of thousands of users who regularly engage in peer reviews and vulnerability scanning, resulting in increased reliability and strengthening of core APIs and mitigation of common vulnerabilities. Further, the software is backed by a global team of some of the world’s leading web security experts who are always on-call and available to assess, evaluate and address issues.