The key benefits of implementing secure by design is that you can maintain the highest level of security with the lowest cost because you’re starting to think about security right from the start and incorporating it into the technology and the business process This makes security as invisible as possible to the user so that you can maximise adoption.
So security is one of the key things we need to approach in any design that we build today. Security threats out there are wide-ranging and ever-growing so we need to make systems as secure as we can from day one.
Secure by Design is important because trying to embed security after the fact is incredibly difficult. So, if you’re setting out to design a new thing or build something - whether it’s a new capability, a new technology, a new application - thinking about security from the start means you’re going to have the right security model, it’s going to fit the purpose it is intended for, and be ideally as invisible as possible to the end user of that service.
When we talk about Secure by Design we mean building security principles into everything that you do day to day when you’re thinking about IT. This is really important as it means security is not an afterthought. We’re not trying to secure the edge or perimeter as people often talk about. We’re building in deep layers of security, and thinking about different levels of security: be that in encryption, be it authentications, integration, or just what’s normal, to understand how we interact with the systems.

Contributors
Dan Sloshberg – Product Marketing Director, Mimecast
Peter Wilson, Technical Design Authority - IT Lab
Michael Bateman, - Director of Cyber Services - IT Lab

свернуть