Employ simplicity as a tool used to keep your systems running securely and efficiently. Simplicity helps eliminate network clutter, performance issues, cost, and reduces risk. Give yourself the space to step back, analyze and test carefully to ensure all your systems and networks meet a secure standard. Streamlining processes greatly enhances uptime and quality of service, as well as aiding in secure systems.
Bruce Schneier, in 1999, wrote for Information Security, "You can't secure what you don't understand." His predictions hold true:
-
As systems get more complex, security will get worse.
-
As systems become more interconnected, security will get worse.
-
Unless manufacturers are held liable for security failures, security will get worse.
"The only way to evaluate the security of a system is to analyze it. This is a time-consuming and expensive process, and almost no one bothers to go through it. If they did, they would quickly realize that most systems are far more complex to analyze, and that there are security flaws everywhere."
For more, refer to Schneier's A Plea for Simplicity.
Further evidence supporting the benefits of simplicity, while decrying the challenges created by complexity, was posted recently by Dr. Gene Spafford of CERIAS, on their blog. As an example, "It is simple that complexity creates problems…the security implications of all this complexity have been obvious for some time." You'll find the entire post enlightening.