What is a Security Tech Stack?

First, the term “stack” is used because it describes layers that deliver services and exchange information to achieve a higher-level service. The concept of a “security stack” communicates that security must be an integrated set of services.

Every layer is a particular technology with its own features. The security stack needs to be designed from the ground up, knowing that security is a vital network element, just like multiple blueprints (electrical, plumbing, flooring, etc.) are required to construct a safe and stable building.

So, what would be a bare-minimum security stack?

• Email security: Protection from email-borne threats
• Firewalls: A barrier between a trusted and untrusted network
• Anti-virus: Protection for endpoints in the business
• DNS Filtering: software that blocks threats before they reach your network

In addition to these bare-minimum security tools, we recommend:

• Security Awareness Training to educate and build your human firewall
• Multi-factor authentication to verify a user’s identity
• Patching and vulnerability management to decrease vulnerabilities

That said, many other layers (tools) should be added to protect your organization. Below is a picture of a security stack that a managed security service provider (MSP), like Yeo & Yeo Technology, can create for their clients. The layers together provide a higher-level service and include some of the bare minimum listed above. 

Are you interested in building a comprehensive security stack for your business? Contact us today.

Information used in this article was provided by our partners at KnowBe4.