The layers of controls were just described from the inside out. However, when reacting to Internet threats it is natural to emphasize the outer layer of network controls. With threats escalating and the market for technical solutions expanding, the result can be a hard, crunchy shell around a soft center. This may seem analogous to the fortress castle with the strongest protection at the perimeter, but the reality of the Internet is that some threat communities have substantial resources, resulting in frequent attacks that leverage high capabilities; some will get through the perimeter. It is paramount to have effective security controls for all system layers.
The requirement to use complex passwords has been best practice for many years. Unfortunately, the goal has been difficult to achieve, because it relies on users to remember multiple passwords that may not be particularly memorable. One of the fundamental control improvements relating to the increased capabilities of threat communities is the implementation of two-factor authentication.
Copyright © 2019 Christopher T. Carlson
Excerpt from How to Manage Cybersecurity Risk – A Security Leader’s Roadmap with Open FAIR