Defense in depth
This continues the data security theme with the most important security principle – defence-in-depth, This means having at least two strong defences against any attack, with monitoring to detect when either is breached.
Recently, we have seen attacks on weather bureaus, ambulances, sporting clubs – hardly “high-value targets”. A decade ago, strong defences applied to banks, government, and such – now it’s for all of us. We can’t turn all software architects into security experts so in these articles I will give security blueprints. You can apply them without fully understanding why you need them, or how they work, and the result will be a more robust system.