Guidance

Digital Services: Designing a secure digital service

Created: 25 Sep 2016
Updated: 25 Sep 2016

Design your digital services to be difficult to compromise and disrupt. Limit the impact of a compromise and make it easy to detect a successful attack.

Good design should:

  • Make services hard to compromise
    Designing with security in mind means using concepts and techniques which make it harder for attackers to compromise the service using commodity techniques.

  • Reduce the impact of a compromise
    Design the service with the expectation that it will include some vulnerabilities, and so that the exploitation of a single one does not result in a significant compromise.

  • Make compromises easy to detect
    Even if you take all available precautions, there’s still a chance your system will be compromised by a new or unknown attack. If this happens, you want the best chance of detecting the compromise.

  • Make services hard to disrupt
    Service availability is often a paramount concern, and good design can help deal with attacks intended to affect it.

We have published a set of security design principles which can be used by technical architects and developers to guide the design process. 
