Security: the home alone way
Applications overtime have been prey to hackers from various parts of the world. Whether it be for research, malicious intent or fun. This costs companies billions of dollars yearly and causes IT firms to work overtime to patch high priority issues.
But why do we play prey all the time, leaving vulnerabilities in our applications open to hackers due to a lack of proper vulnerability checks or missed vulnerabilities? Attackers make use of these vulnerabilities to exploit the application and either slow down business by stealing sensitive documents or carrying out other malicious acts. But what if there was a better way, a safer way?
In the real world, we build systems all the time which are vulnerable to exploitation and over time we’ve found ways to handle illegal trespassers by placing check systems in various parts of these systems such as alarms. Like hunters, we set traps and when attackers try to access these systems we get to know.
Back in the application world, we could create subsystems that serve as traps to capture any possibility of intrusions. As simple as this idea is, why then are developers not doing this and engaging in this, rather spending more time reacting to attacks. We should be on the offense but we’ve been more on the defense.
Hack yourself and by continuously discovering loopholes in your own system you limit the number of items and people that can potentially cause harm to your applications and systems.
Here are some reasons why we pay less attention to building highly secure data
Predicting the future is a full-time job
It is hard to predict the future. We can shape how people interact with our future but we can't predict in entirety how they would behave. Considering all factors when trying to predict possible security exploits that a hacker can carry out takes time and a lot of thought. Dare I say to be good security expert you must have been a pretty good hacker yourself or preferably have the potential of becoming one. However, one way to ensure you close as many holes as possible is to first break own systems. “Hack yourself” and by continuously discovering loopholes in your own system you limit the number of items and people that can potentially cause harm to your applications and systems.
Very, very cost-inefficient
The cost of production can also limit how we build these systems. Having to implement high level security procedures on your application can be time consuming and hence less cost-effective. For large applications, this might be less of a considerable problem. however for small and medium applications, this is definitely a thing to consider. Also, the size of the files can be impractical and this makes the application consume excessive space which becomes problematic and makes things slow. The solution to this lies in using lightweight libraries for security checks and following strictly the no code repetition rule.
We really need to be on the offense when it comes to securing our applications because data is key in our transactions and we need to ensure we can protect people in the best ways possible.
Are there better ways of securing our data?
How can we create lean security files?
How will AI aid security and data protection methodologies?
Don't leave security to chance, hoping no one breaks in. At some point, someone will. “Go hack yourself first”.
Like comment and share : )
