Good article. Users have been conditioned to believe the threat to the security of their data is malware injected from an external source. Probably because that used to be true but today it is an outdated threat model. Todays main threat is from the platform itself, and the criminally minded people in control of the development of both hardware and software technology who design in devious methods of facilitating the theft of data and weakened security while maintaining plausible deniability. While people continue to live in denial to that, the current insane trend will continue.
Well said. The only thing I'd alter is "people WILL continue to live in denial to that, hence the current insane trend will continue" Of course this is not a popular thought, but it what it is. We have long gone over the tipping point. Time will tell if I'm right about this slippery slope continuing right into hell.
Actual many gov. security sensitive orgs. employ a variation of this already. They use separate networks. By separate networks, I mean everything is separate with all hardware duplicated down to each user work station having a separate desktop computer with monitor attached for the Internet facing network and the internal production network. The internal production network is further isolated in that the production servers are not directly accessible from it.
I've been advocating that too in my posts here at Wilders. The buzzword in IT right now should be, de-networking. There are linux applications, mini modem I think is one of them, using the old dialup modem protocols to transmit files by audio to and from airgapped systems, this avoids potentially compromised, physical transfer media. I am working on porting one of them to Android while adding encryption and file verification checksums.