Security is essential to protect company data and the integrity of computing assets belonging to or connecting to an organisation's network.
Every organisation should have:
1. Three lines of defence, as in the graphic below
2. Basic security measures
   - Leadership commitment is the key to cyber resilience - it is necessary to establish or enforce effective processes.
   - Staff awareness training - human error is the leading cause of data breaches.
   - Application security - web application vulnerabilities are a common point of intrusion for cyber criminals.
   - Network security - to protect the usability and integrity of your network and data.
   - Password management - almost half of the UK population uses ‘password’, ‘123456’ or ‘qwerty’.
3. A secure mindset baked into Product development
This is a natural and necessary response to the bottleneck that older security models create in the modern continuous delivery paradigm. The goal is to bridge traditional gaps between IT and security while ensuring fast, safe delivery of code. Silo thinking is replaced by increased communication and shared responsibility for security tasks during all phases of the delivery process.
Cyber Security is a topic in itself and the subject of another post.
Be mindful of security... with evolved ways of working there are evolved methods of gaining access. It only takes one major hit for your business to become another casualty.
Security is a major topic, so we've kept this post as a short reminder of what needs to be considered. If you'd like help understanding what you need to do to design security into your products, rather than trying to secure your organisation as an afterthought, then we'd be pleased to have an introductory call.