ABSTRACT
This chapter explains two sections such as: Protection and Inherent Reliability. Protection aims to minimize possible contact between hazardous things and the process to be protected. Inherent reliability aims to create a process that does not go wrong often, at least when protected. If we imagine moving from outside an organization to some precious data inside it the objective of protection by access restriction is to minimize the number of people who have access beyond each barrier without undue inconvenience to people with a legitimate need for access. Multi-layered access restriction is a way to stimulates thinking widely about possible combinations of controls. Design protection to have multiple barriers and use multiple controls at each barrier to get a good balance between security and convenience. Segregation of duties is a traditional protection control against fraud, but it has its problems. Invest in cognitive ergonomics wherever possible. Design, test, repeat, and repeat again to minimize the mental difficulty of doing jobs correctly.
