Security Principles#

Good cyber security principles are crucial for creating a solid new product.

Security by Design principles#

When embracing the Security by design approach you must embrace at least the following principles:

  • Minimise attack surface area

  • Establish secure defaults

  • Least privilege

  • Defence in depth

  • Fail securely

  • Don’t trust services

  • Avoid security by obscurity

  • Separation of duties

  • Compartmentalise

  • Data is always protected. In transport and in transit.

  • Design for secure updates

  • Implement least privilege

  • Separation of privilege

If you think a principle is not applicable for your situation: Think again. Or better write down your motivation and ask for an expert review on your motivation.

Learn more#


Learn more about security principles Do not reinvent the wheel by defining your own security principles. Make use of already good defined and battle tested security principles. In the Open Security Reference Architecture you can find a set of solid security principles.