Quiz Entry - updated: 2026.06.07
What does a "layered privacy controls" (defense-in-depth) model look like?
No single technique is enough — robust privacy stacks complementary controls: encryption, access controls, anonymization, monitoring & auditing, and incident response.
The layered model, from foundation outward:
- Encryption — protect data in transit and at rest.
- Access controls — limit who can view sensitive information.
- Anonymization — de-identify data before processing or sharing.
- Monitoring & auditing — track access and detect anomalous behavior.
- Incident response — rapid reaction to privacy breaches.
Why layering wins: every control has failure modes. If encryption keys leak, access controls still help; if access controls are bypassed, anonymized data limits the damage; monitoring catches what slips through; incident response contains it. Defense-in-depth means an attacker must defeat multiple independent safeguards.