Before you can design a secure digital service it's important to understand a few things first:
- Understand the purpose of your service and the data you will need to operate it
You must decide what portion of your expected data holdings you need to protect, and to what extent. Work with the risk owner for your service to determine which losses and impacts are acceptable and which are not.
- Understand the role your suppliers play in securing your service
The suppliers you use to help build and operate your service play a vital role in helping to keep it secure. Being clear about your intentions and requirements for security in your contracts with suppliers is important, but being over-prescriptive can lead to adversarial behaviour.
It’s better to build a shared risk proposition with suppliers so they are invested in doing the right thing, rather than just fulfilling a contractual obligation.
- Take an end-to-end view of your service rather than focusing on part of it
You should understand how user interactions with your service translate to messages or interactions within it. Take account of every possible point at which data could be stored, processed and rendered. There are a number of areas which are regularly overlooked, such as the end user devices used to access your service.
- Ensure the governance arrangements for your system are clear. Everyone involved in securing the system needs to understand their responsibilities
Good governance implies effective control over the security of the service and of the data held. Where trades need to be made between security, usability and cost, it’s important to makes those trades with an awareness of all potential implications.
When it comes to responsibilities for security, ensure that the right people are empowered to protect the service and accept that this could mean giving relatively junior people the ability to degrade the service in response to external events - without reference to senior management.
More information on these points is included here.