This area is often open to attackers due to the addition of features. For example, an unwanted text box in a web application can lead to SQL attacks. This can lead to data loss of information and privacy.
Least privilege:
Make sure the business process requires at least some money from users such as CPU usage, memory, file systems. The higher the resource consumption the higher the risk.
Fail secured:
However, there are many ways an app can fail with its process. The exception always comes with the handler to handle failed cases.
Security been as simple as much:
Always create a simple way to maintain security. Come up with a simple code, it will go faster and faster. Otherwise it will take unnecessary confusion and time.
