A common misconception concerning network security is the meaning of the term “defense in depth”. To understand this, think about the following: You’re afraid of people breaking into your home, so you do the following: You install three locks on your front door, one of them a combination lock. You then write the combination on a piece of paper and lock it in a small metal box that has a padlock. You place the key for the padlock in an envelope and hide it in volume D (for Defense in Depth) of the Encyclopedia Brittanica on your bookshelf. You then place the locked metal box containing the combination for your front door lock in a fireproof safe. You write down the combination for the safe and hide it under the sofa cushion in your den. Meanwhile, the keys for the other two locks are hidden in the kitchen, one in the cookie jar and the other in a box of baking soda in your refridgerator. And that’s only the front door…
A lot of network security nowadays is just like that: make a bunch of tweaks to your systems to make them more secure, and tweak the tweaks to be extra sure they’re secure. Unfortunately “using multiple recursive layers of tweaks” is not what “defense in depth” means at all, and such tweak-squared systems are actually likely to be less secure rather than more secure for several reasons:
- It’s easy to forget some of the tweaks you’ve done, and forgetting anything about your system’s configuraiton reduces its security because you won’t know how to react properly to newly discovered vulnerabilities.
- Some tweaks are likely to undo the effect of other tweaks, again reducing your system’s security instead of increasing it.
So please, don’t download a security guide from somewhere and apply all 643 tweaks to your server and call it defense in depth!
