Definition

security by design

Ivy Wigmore

By

Ivy Wigmore

Security by design is an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices.

An emphasis on building security into products counters the all-too-common tendency for security to be an afterthought in development. Addressing existing vulnerabilities and patching security holes as they are found can be a hit-and-miss process and will never be as effective as designing systems to be as secure as possible from the start.

Security by design is rapidly becoming crucial in the rapidly developing Internet of Things (IoT) environment, in which almost any conceivable device, object or entity can be given a unique identifier (UID) and networked to make them addressable over the Internet. One of the major challenges of IoT security is the fact that security has not traditionally been considered in product design for networking appliances and objects that have not traditionally been networked.

The security by design model contrasts with less rigorous approaches including security through obscurity, security through minority and security through obsolescence.

This was last updated in July 2015

Continue Reading About security by design

Internet of things demands security by design

Thirteen principles to ensure enterprise system security

Why networks should apply Security by Design principles

Does your system design eliminate the top 10 software security flaws?

subnet (subnetwork)
A subnet, or subnetwork, is a segmented piece of a larger network. More specifically, subnets are a logical partition of an IP ...
secure access service edge (SASE)
Secure access service edge (SASE), pronounced sassy, is a cloud architecture model that bundles together network and cloud-native...
Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between...

cyber attack
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the ...
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or...
What is security information and event management (SIEM)?
Security information and event management (SIEM) is an approach to security management that combines security information ...

CIO

product development (new product development)
Product development -- also called new product management -- is a series of steps that includes the conceptualization, design, ...
innovation culture
Innovation culture is the work environment that leaders cultivate to nurture unorthodox thinking and its application.
technology addiction
Technology addiction is an impulse control disorder that involves the obsessive use of mobile devices, the internet or video ...

organizational network analysis (ONA)
Organizational network analysis (ONA) is a quantitative method for modeling and analyzing how communications, information, ...
HireVue
HireVue is an enterprise video interviewing technology provider of a platform that lets recruiters and hiring managers screen ...
Human Resource Certification Institute (HRCI)
Human Resource Certification Institute (HRCI) is a U.S.-based credentialing organization offering certifications to HR ...

Customer Experience

contact center agent (call center agent)
A contact center agent is a person who handles incoming or outgoing customer communications for an organization.
contact center management
Contact center management is the process of overseeing contact center operations with the goal of providing an outstanding ...
digital marketing
Digital marketing is the promotion and marketing of goods and services to consumers through digital channels and electronic ...

Close