How to minimize security debt from the start
- Retrofitting security issues requires that you refactor not only code but also human behavior.
- Take stock and build an inventory of all connected devices and applications within your network, locate where all data reside, and audit access to them.
- Secure data travelling within as well as across networks.
- Take special care to secure DevOps projects as they introduce considerable security risks.
- Establish an access management policy that evolves as your organization grows.
- Encrypt data (in rest and in motion), use multi-factor authentication, ensure redundancy, and segment data and systems.
- Build a good incident recovery plan right from Day 1.
Full post here, 5 mins read