Why you should build security into your system, rather than bolt it on

Carbon monoxide is colorless, odorless and tasteless. You don’t even know it’s there until it kills you. 

You may be facing your own silent killer: your delay. When you postpone security until later in the software development process, that delay costs you enormously in both obvious and unexpected ways.

I get it: you need to develop and release as fast as possible. There’s enormous pressure to hit milestone dates. The reality, though, is that security really can’t wait. Security is part of what makes a product viable — your customers expect your software system to be secure, and if you fail to deliver on that, you fail your customers. It also costs more and creates massive headaches if you postpone it.

But if you do security earlier in the process, there’s a really beautiful upside: not only does that deliver better security, it also makes it easier and less expensive!

“Build security in” vs. “bolt security on”

These concepts have become commonplace amongst the security community, but what’s the practical difference between them? The former is when security is part of the development process; the latter is when security is not considered until later.

Consider my friend’s incredible roof deck: it

Read More: https://resources.infosecinstitute.com/topic/why-you-should-build-security-into-your-system-rather-than-bolt-it-on/