| Principle | Description |
| --- | --- |
| Layering | Layering involves implementing multiple security strategies to protect the same asset. Defense in depth, or security in depth, is based on the premise that no single layer is completely effective in securing assets. The most secure system/network has many layers of security and eliminates single points of failure. |
| Principle of least privilege | The principle of least privilege states that users or groups are given only the access they need to do their jobs and nothing more. When assigning privileges, be aware that it is often easier to give a user more access when it is needed than to take away privileges that have already been granted. |
| Variety | Defensive layers should incorporate a variety of methods. Implementing multiple layers of the same defense does not provide adequate protection against attacks. |
| Randomness | Randomness in security is the constant change in personal habits and passwords to prevent predictable behavior. |
| Simplicity | Security measures should provide protection but not be so complex that they are difficult to understand and use. |