|
|
|
|
|
|
by professorTuring
4379 days ago
|
|
|
As a security expert I wouldn't recommend this approach. The "as many layers as possible" is a waste of time and money (an overkill). A proper threat and risk analysis should be done so you can have a cost-effective solution. Security is expensive and maybe the cost of a breach is way cheaper than the security appliance or experts you hire. Sometimes the best security solution is not to have anything, because it doesn't really matter. |
|
|
In my opinion, if the threat could actually be defined, then there would be no security industry. Everyone would know the answer, and everyone would be secure. The reason this industry exists is because you cannot define the threat, it is constantly evolving. Doing nothing because it does not matter (really?), or justifying a lack of security by lowering the value of the customer's data sounds like an unprofessional approach.