If all hosts on a network require password logins, why do we care if an unauthorized user accesses our network? [closed]

Solution 1:

Nobody can answer this for you. If you're comfortable allowing folks into your home because all your valuables are in a safe, as someone else pointed out, then that's on you.

However, security works best in layers. As you point out, let's say I have a file share on my network, and access to the file share requires a password. Now let's say someone who also has access to this network, AND a working password, falls victim to a phishing campaign - if there are any footprints leading back to my network from wherever they got compromised, the bad actor now has access.

Now let's consider another scenario - I have a file share on my network, and it requires a password. I also have to join the network via VPN, which requires Multi-Factor Authentication. In addition, I have monitoring in place to see what accounts are connected, and from what sources, because all the people with access to this network would be expected to be accessing it from my local area. Now someone with all this access gets phished, and a bad actor now attempts to access the file share - they have to navigate the MFA VPN, then they have to hide from my monitoring solution, then they can finally access the file share.

In the second scenario, I'm not an easy target, which will frustrate some into just giving up. In addition, my monitoring will alert me that someone's just connected to the VPN and my network from a non-local source, and I could quickly contact that user to ask if it's really them - if it isn't, you could terminate the connection and immediately change their password, completely stopping the attack.

See the difference?
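As an added illustration (not part of the original answer), here is the kind of check the "non-local source" monitoring in the second scenario could implement. The VPN gateway log format, the expected address ranges and the sample entries are all constructed for this example.

```python
import ipaddress

# Constructed sample VPN gateway log lines (hypothetical format, not from a real system).
SAMPLE_LOG = """\
2024-05-01T08:02:11Z vpn-gw user=alice src=203.0.113.45 result=success
2024-05-01T08:05:42Z vpn-gw user=bob src=198.51.100.7 result=success
2024-05-01T09:10:00Z vpn-gw user=alice src=203.0.113.45 result=success
2024-05-01T23:41:03Z vpn-gw user=alice src=192.0.2.200 result=success
2024-05-01T23:42:10Z vpn-gw user=carol src=192.0.2.201 result=failure
"""

# Hypothetical "local" ranges from which this network's users are expected to connect.
EXPECTED_SOURCES = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.0/24"),
]


def parse_line(line):
    """Parse one '<timestamp> <gateway> key=value ...' log line into a dict."""
    ts, _gateway, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    return {
        "ts": ts,
        "user": fields["user"],
        "src": ipaddress.ip_address(fields["src"]),
        "result": fields["result"],
    }


def is_expected_source(addr, expected=EXPECTED_SOURCES):
    """True if the address falls inside one of the expected (local) ranges."""
    return any(addr in net for net in expected)


def find_nonlocal_logins(log_text, expected=EXPECTED_SOURCES):
    """Return (user, source, timestamp) for every successful VPN login whose
    source address is outside the expected ranges. Failed attempts are skipped:
    the point here is to catch a working credential being used from elsewhere,
    so the owner can be contacted and the session cut if it was not them."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["result"] == "success" and not is_expected_source(rec["src"], expected):
            alerts.append((rec["user"], str(rec["src"]), rec["ts"]))
    return alerts


if __name__ == "__main__":
    for user, src, ts in find_nonlocal_logins(SAMPLE_LOG):
        print(f"ALERT {ts}: {user} connected to VPN from non-local source {src}")
```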