Langa Letter: How Much Protection Is Enough?

Peaceful Coexistence
If you chose and deploy your security tools wisely, you also can increasingly layer them to provide whatever level of defense you require without running into interference and performance problems. In my case, for example, not only do I have the server-level and desktop-level firewalls and antivirus scanners in operation, but I also use a desktop folder-encryption tool to scramble the contents of some especially sensitive material on my system. An intruder would first have to find my LAN's unpublicized IP address (it's separate from my public Langa.Com domain), break the main firewall, defeat the LAN's intrinsically secure setup, find my machine on the LAN, defeat the secondary firewall there, then break the 192-bit Blowfish encryption of my protected folders before he or she would get to anything even remotely sensitive.

While no system (including mine) is 100% hack proof, if you make your system harder to break into than the next guy's, most hackers/crackers will opt for an easier target and move on. And that's just what you want.

So, to me, the key to online security lies neither in complacency nor paranoia, but in carefully choosing and deploying at least two different and complementary defensive layers, and increasing the layers up to the least number that provides the amount of security desired--without duplicating tools at any one layer.

As such, I believe that everyone--no exceptions--should have at least a two-layer defense and that the "let one firewall do everything" people and the "throw in every security utility you can find" crowd are both wrong.

But what's your take? Is my "multiple layers" advice in itself paranoid? Can one solid, defensive layer really do it all? What security tools do you use? Which ones would you recommend and which would you warn others to avoid? And if you could design an ideal security setup, what would it be? Share your thoughts in the Listening Post discussion area!