Security and obscurity

Many of us are familiar with a concept know as security by obscurity. The term has quite negative connotations within the security community - often for the wrong reasons. There's little debate about whether security by obscurity is bad; this is true because it means the secret being hidden is the key to the entire system's security. Obscurity itself, however, when added to a system that already has decent controls in place, is not necessarily a bad thing. In fact, when done right, obscurity can be a strong addition to an overall approach.

Read the article HERE.