An important principle of security engineering is defense in depth. There should never be a single point of failure that would allow the whole system to be compromised.

Redundancy is vital because no matter how much attention a team puts into secure engineering, perfection is beyond reach. Although we significantly limit our use of third-party software, we do use some proprietary and open-source systems. Vulnerabilities and bugs are regularly discovered even in fundamental software such as operating systems, which are developed and supported by multibillion-dollar engineering teams. Our system’s security should never rely on its components being bug-free.