Layer 5 - Access/Security Gateway - Yellow

There are two kinds of security in a computer system. The first is "front door" security. The second is "back door security." An effective security model is one that does both well. There aren't very many.

Front door security is a subset of the business model of the organization. Who do you let in the front door and why? What do you allow them to do once they enter? Front door security is the responsibility of management. Who else would know who should be ushered in and how they should be treated?

Back door security is just that. How do you keep hackers and others away from the system – from the back door when you aren't looking or from cracks in the walls or windows? Back door security is a technical responsibility and a challenging task.

Security is more problematic if distinctions between the two kinds of security are not clear. Security is virtually impossible to achieve if managers and technologists are not confident in the ability to control both "front door" and "back door" forms of access.