System infrastructure for cyber security is commonly divided into three tiers of infrastructure that breaks it down into separate silos presentation, applications processing and data management. This foundation of three modules that was developed by Open Environment Corporation (OEC), allows developers to exercise flexibility in reusing, replacing, adding or modifying software functions to client-server architecture.
The top tier is a user interface that presents direct access to services in an easy-to-read display. It interfaces with all the other tiers of the network, including the browser/client layer. For maximum cyber security, this tier can be designed to be a server within a server including a server within a database server. Such an arrangement allows for diversity in server locations.
Domain Logic Tier
The second tier controls functions of the architecture, such as applications processing and business rules. It can be organized as a web server integrated with a web application and/or database server. The logical tier is where cyber security managers have access to establishing and adjusting security risk management policies. It’s an exclusive access tier that allows senior management to collaborate on testing and assessing various security features.
Data Storage Tier
The third tier comprises data management. It’s a tier that allows IT professionals to conduct regular security procedures, such as continuous monitoring for cyber security threats, without affecting set policies of the overall framework. It’s where backups can be stored and accessed in the event of a disaster. This tier provides the IT team with instructions on how cyber security procedures implemented in the logical tier have been updated for risk-based management decisions.
Cyber security software fits into architecture that can be divided into well-defined tiers of servers that allows for efficient and flexible upgrading when new technology needs to be added. Each server of the system has a specific purpose and is independent of the other tiers, allowing for a new operating system to be installed in the user interface without affecting the other tiers. At the same time data can be transferred between all tiers. Ultimately, the three-tier system provides the most protection possible against cyber threats.