How much security is enough? - That Computer Engineer


Learn | Teach | Explore

Tuesday, April 11, 2017

How much security is enough?

We consider security for the purpose of keeping our sensitive data safe. But we must consider the fact that security never comes free. Security can be exchanged at the stake of money or performance. It just never comes free.

So, the question arises - How much security do we actually need? Security should not be so complex that it interferes with the function of the data.  The question can be answered considering two facts:

1.How much am I gonna lose if I don't use security?
2.How much security is necessary?

Based on this risk analysis, we should try to maintain a proper balance between cost and benefit. Obviously, we don't want to secure a cheap data with a costly security mechanism. In such cases, it is better to use a much simpler security. However, in the case of big tech companies, where they manage some important data, the money spent on security will always remain in balance with the benefit of using the security.

I will come up with some of the features of a good security mechanism in my future posts.

1 comment: