4.1. Security Architecture Models

💡 First Principle: Security architecture starts with choosing the right infrastructure model and designing it with security built in rather than bolted on. Think of it like building a house: you don't add the foundation after the walls are up. Cloud vs. on-premises, segmented vs. flat, centralized vs. distributed — each decision has security implications that cascade through every other layer.

What happens when architecture decisions are made without security input? Organizations end up with flat networks where a single compromise gives attackers access to everything, cloud deployments with misconfigured permissions exposing data to the internet, and IoT devices with no segmentation sitting on the same network as financial systems. Retrofitting security into a poorly designed architecture is expensive, disruptive, and never as effective as designing it right from the start.

Consider a hospital network: medical devices need network access but can't run antivirus. Guest Wi-Fi must be available but isolated from clinical systems. Administrative systems need internet access but must be segmented from the devices controlling life-support equipment. Every architectural decision is a security decision.