Definition

security by design

Ivy Wigmore

By

Ivy Wigmore

Security by design is an approach to software and hardware development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices.

An emphasis on building security into products counters the all-too-common tendency for security to be an afterthought in development. Addressing existing vulnerabilities and patching security holes as they are found can be a hit-and-miss process and will never be as effective as designing systems to be as secure as possible from the start.

Security by design is rapidly becoming crucial in the rapidly developing Internet of Things (IoT) environment, in which almost any conceivable device, object or entity can be given a unique identifier (UID) and networked to make them addressable over the Internet. One of the major challenges of IoT security is the fact that security has not traditionally been considered in product design for networking appliances and objects that have not traditionally been networked.

The security by design model contrasts with less rigorous approaches including security through obscurity, security through minority and security through obsolescence.

This was last updated in July 2015

Continue Reading About security by design

Internet of things demands security by design

Thirteen principles to ensure enterprise system security

Why networks should apply Security by Design principles

Does your system design eliminate the top 10 software security flaws?

What is wavelength?
Wavelength is the distance between identical points, or adjacent crests, in the adjacent cycles of a waveform signal propagated ...
subnet (subnetwork)
A subnet, or subnetwork, is a segmented piece of a larger network. More specifically, subnets are a logical partition of an IP ...
Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is a standard protocol on the internet that ensures the reliable transmission of data between...

What is a computer exploit?
A computer exploit, or exploit, is a program or piece of code developed to take advantage of a vulnerability in a computer or ...
What is malware? Prevention, detection and how attacks work
Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server.
What is exposure management?
Exposure management is a cybersecurity approach to protecting exploitable IT assets.

CIO

What is a startup company?
A startup company is a newly formed business with particular momentum behind it based on perceived demand for its product or ...
What is a CEO (chief executive officer)?
A chief executive officer (CEO) is the highest-ranking position in an organization and responsible for implementing plans and ...
What is labor arbitrage?
Labor arbitrage is the practice of searching for and then using the lowest-cost workforce to produce products or goods.

organizational network analysis (ONA)
Organizational network analysis (ONA) is a quantitative method for modeling and analyzing how communications, information, ...
HireVue
HireVue is an enterprise video interviewing technology provider of a platform that lets recruiters and hiring managers screen ...
Human Resource Certification Institute (HRCI)
Human Resource Certification Institute (HRCI) is a U.S.-based credentialing organization offering certifications to HR ...

Customer Experience

What are virtual agents and how are they being used?
A virtual agent -- sometimes called an intelligent virtual agent (IVA) -- is a software program or cloud service that uses ...
What is first call resolution (FCR)?
First call resolution (FCR) is when contact center agents properly address a customer's needs the first time they call so there ...
What is the law of diminishing returns?
The law of diminishing returns is an economic principle stating that as investment in a particular area increases, the rate of ...

Close