So why do it with your IT systems and sites?

Cyber threats are evolving – fast – and a breach not only affects reputation, it has an impact on finances, operations, and compliance.

That’s why businesses should embed security from day one using a secure by design principle with data protection baked into operations, says Rod Farry, Sequel’s Lead Developer, in our latest Digital mICdrop podcast.

And when you have your framework updated and secured, you need to lock down everything around it, he adds.

“MFA and TFA – multi factor and two factor authentication – is a no brainer,” he says. “And nor is authentication just for emails or banking – at Sequel we use it for admin panels, code repositories, even cloud hosting accounts – anywhere it would cause a big problem if it was hacked. It’s one of the simplest and most effective security measures you can take for your personal as well as business accounts.”

Rod goes on to cover common blind spots that leave businesses exposed, such as reliance on packages produced by other developers. “If just one of these is compromised it could open a back door to the whole system, which is why we constantly monitor potential vulnerabilities and sign up for security patches before, rather than after, they are needed.

“Security isn’t something you can tack on at the end,” he concludes. “If it’s built into the project from the start it’s easier to manage, less costly to fix and you avoid nasty surprises later. My tip is to involve developers early in a project so they can spot potential risks before coding even starts, suggest safer ways of doing things and make sure that design and functionality work hand in hand with security – not against it.”

Listen to the full podcast here