Exposure and Risk
You must understand that security is really “risk management” or “risk mitigation.” It can be very difficult to completely secure an application or environment. However, you are able to control or limit damage by following certain practices. Your data and applications have different levels of security requirements depending on the exposure endpoints (an exposure endpoint is defined by who is using the application and data). Figure 16.1 shows a simple matrix of data and application sensitivity versus the exposure endpoints of that application. By definition, the more external facing your application is (such as to the Internet) and the higher the sensitivity of the data involved, the higher risk precautions you have to take. ...
Get Microsoft® SQL Server 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
