Designing secure solutions
When you are designing solutions aligned to the security pillar, make sure you cover the areas shown in the following figure:
Figure 7.1 – Key design areas
In Chapter 6, Building Reliable Applications, we learned that the first thing we need to acknowledge is that failures can happen in the cloud, and all we can do is find ways to mitigate the failure. Similarly, while dealing with security, always assume a breach or compromise. We always assume that there is a breach of security, and we define controls to mitigate these breaches. Microsoft has developed a framework called the Zero Trust model (https://learn.microsoft.com/en-us/security/zero-trust), which states, “Never trust, always verify.” The three fundamental ideas of the Zero Trust model are as follows:
- Always verify explicitly
- Use the principle of least privilege
- Always assume a breach
While designing solutions, we need to ensure...
