Products need to be Secure
Whatever stage of your digital transformation journey you are at, your company needs to stay trading. Digital products need security designed in from the beginning.
Security is essential to protect company data and integrity of computing assets belonging to or connecting to an organisation's network.
Every organisation should have:
- Three lines of defence
as in the graphic below
2. Basic security measures
- Leadership commitment is the key to cyber resilience - it is necessary to establish or enforce effective processes.
- Staff awareness training - human error is the leading cause of data breaches
- Application security - web application vulnerabilities are a common point of intrusion for cyber criminals
- Network security – to protect the usability and integrity of your network and data
- Password management - almost half of the UK population uses ‘password’, ‘123456’ or ‘qwerty’.
3. A secure mindset baked into Product development
A natural and necessary response to the bottleneck effect of older security models on the modern continuous delivery paradigm. The goal is to bridge traditional gaps between IT and security while ensuring fast, safe delivery of code. Silo thinking is replaced by increased communication and shared responsibility of security tasks during all phases of the delivery process.
Cyber Security is a topic in itself and the subject of another post.
Be mindful of security... with evolved ways of working there are evolved methods of gaining access. It only takes one major hit for your business to become another casualty.