“‘[E]ntities must not be multiplied beyond necessity.'” Per Wikipedia, September 17, 2014. A principle variously stated, generally along the lines of the simplest explanation is preferred over the more-complex one.
“Insurance Site’s Frailties Detailed,” Wall Street Journal, September 17, 2014 A4. Report on a study by the GAO on security weaknesses of HealthCare.gov.
HealthCare.gov is an amalgamation of a bunch of other sites, with multiple connections and numerous contractors, rather than a single site, built from scratch. “Many of the problems stemmed from … disagreements about security roles and responsibilities with the various contractors, states and federal agencies that exchange information ….”
Are your information systems unnecessarily complex? Are they too complex to secure against attack? Is there a simpler solution?