When you are dealing with system security, you need to create a secure system from the ground up. This is why you should never need root access to perform your job, even installing software.
The principle of security lies in separation of duty and protecting the core system, even if a component fails.
If you expect a component to fail, and it will, then you are better prepared to deal with it than if it catches you by surprise. There are so many exploits out there that denying a failure or security breach is only for the stupid and naive.
Continue reading