{"id":19393,"date":"2025-05-14T10:00:00","date_gmt":"2025-05-14T08:00:00","guid":{"rendered":"https:\/\/itpatagonia.com\/?p=19393"},"modified":"2026-04-20T14:52:35","modified_gmt":"2026-04-20T12:52:35","slug":"seguridad-por-diseno-que-es","status":"publish","type":"post","link":"https:\/\/itpatagonia.com\/en\/blog\/seguridad-por-diseno-que-es","title":{"rendered":"Security by design: How to make cybersecurity-friendly user experiences compatible?"},"content":{"rendered":"<p>In a digital world where cyberattacks are becoming more sophisticated, companies are adopting a <strong>more proactive approach to protecting your systems and data<\/strong>.\u00a0<\/p>\n\n\n\n<p>Security by design emerges as a <strong>Key strategy for integrating cybersecurity from the earliest stages of digital product and service development<\/strong>.\u00a0<\/p>\n\n\n\n<p>However, this approach is not without its challenges, especially when it comes to supporting user-friendly user experiences (UX) and coordinating teams with diverse functions.<\/p>\n\n\n\n<p>In some organizations, there are even leaders who believe that UX and security are opposites.<strong> But it is quite the opposite<\/strong>.\u00a0<\/p>\n\n\n\n<p>It&#039;s not necessary to be on opposite sides. The practice that any technology development company should follow today is what is known in cybersecurity as <strong>security by design<\/strong>.<\/p>\n\n\n\n<p>According to <a href=\"https:\/\/www.linkedin.com\/in\/salvadorvial\" target=\"_blank\" rel=\"noreferrer noopener\">Salvador Vial<\/a>, Principal Executive Security Advisor and Field CISO of <a href=\"https:\/\/aws.amazon.com\/es\/\" target=\"_blank\" rel=\"noreferrer noopener\">Amazon Web Services (AWS)<\/a>, if an organizational culture includes security by design in all its processes, <a href=\"https:\/\/itpatagonia.com\/en\/que-es-la-ciberseguridad-y-su-importancia-para-el-negocio\/\">Cybersecurity factors will be included in the user experience roadmap<\/a>.<\/p>\n\n\n\n<p>However, there is a discussion among leaderships about how to implement security by design with separate teams performing both functions.\u00a0<\/p>\n\n\n\n<p>So, many coordination, leadership, and communication issues arise to resolve.\u00a0<\/p>\n\n\n\n<p>But the methodology exists, and the key lies in how to put this strategy into practice.<\/p>\n\n\n\n<p>To that end, in this article we explain what security by design is and how to implement it from a leadership perspective.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Current events: impact of security on design<\/h2>\n\n\n\n<p>Unsafe design is classified <strong>as the fourth critical web application security concern<\/strong> in the Open Web Application Security Project.\u00a0<\/p>\n\n\n\n<p>He <a href=\"https:\/\/owasp.org\/www-project-top-ten\/\" target=\"_blank\" rel=\"noreferrer noopener\">OWASP Top 10<\/a> It is a standard awareness document for web application security and developers. It represents a broad consensus on the most critical security risks to web applications.<\/p>\n\n\n\n<p>In order to take into account the degree of threat, <a href=\"https:\/\/blog.qualys.com\/vulnerabilities-threat-%0A%0Aresearch\/2023\/12\/19\/2023-threat-landscape-year-in-review-part-one\" target=\"_blank\" rel=\"noreferrer noopener\">In 2023, a total of 26,447 critical vulnerabilities were disclosed.<\/a>, exceeding the previous year by more than 1,500.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is security by design?<\/h2>\n\n\n\n<p>Security by design is an approach that incorporates cybersecurity principles <strong>from the beginning of the development of a system, application or digital infrastructure<\/strong>.\u00a0<\/p>\n\n\n\n<p>This concept involves designing digital products with natively built-in security, minimizing vulnerabilities from the outset.<\/p>\n\n\n\n<p>Key principles of security by design include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Privilege minimization<\/strong>. Limit access and permissions to those strictly necessary.<\/li>\n\n\n\n<li><strong>Defense in depth<\/strong>. Implement multiple layers of security to mitigate risks.<\/li>\n\n\n\n<li><strong>Default security<\/strong>. Configure systems securely by default, without relying on the user to modify settings.<\/li>\n\n\n\n<li><strong>Robust identity and access management<\/strong>. Use of multi-factor authentication and data encryption.<\/li>\n\n\n\n<li><strong>Continuous monitoring<\/strong>. Rapid threat detection and response.<\/li>\n<\/ul>\n\n\n\n<p>This approach not only reduces the risk of cyber attacks, but also <strong>reduces long-term costs<\/strong>, by avoiding costly fixes and reputational damage from security incidents.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"389\" src=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--1024x389.png\" alt=\"Seguridad por dise\u00f1o. Aspectos de la ciberseguridad con mirada centrada en las personas usuarias.\" class=\"wp-image-19394\" srcset=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--1024x389.png 1024w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--300x114.png 300w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--768x291.png 768w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--1536x583.png 1536w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--2048x777.png 2048w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--18x7.png 18w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen2--720x273.png 720w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Security by design: It is possible to create secure, user-centric applications.<\/figcaption><\/figure>\n\n\n\n<div style=\"height:10px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Differences between security by design and security by default<\/h2>\n\n\n\n<p>The term security by design is often confused with security by default.\u00a0<\/p>\n\n\n\n<p><strong>They are two different elements<\/strong>, but complementary, to a comprehensive security strategy.<\/p>\n\n\n\n<p>This is highlighted in the whitepaper <a href=\"https:\/\/d1.awsstatic.com\/partner-network\/AWS-SANS-Secure-by-Design-Whitepaper-2024.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Building Security from the Ground up with Secure by Design<\/a>, from AWS, prepared by Eric Johnson, Bertram Dorn and Paul Vixie.<\/p>\n\n\n\n<p>In the document, the following distinction is made:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Security by default<\/strong> it&#039;s a <a href=\"https:\/\/itpatagonia.com\/en\/diseno-centrado-en-las-personas\/\">user-centered approach<\/a>. Indicates the default configuration of a product <strong>It is secure from the start and resistant to common exploitation techniques<\/strong>, without the need for additional security configuration.<\/li>\n\n\n\n<li><strong>Security by design<\/strong> It is a developer-centric approach. It goes beyond the implementation of standard security measures to <strong>assess and address risks and vulnerabilities at each stage of the development life cycle<\/strong> (from design to implementation and maintenance), rather than reacting after the fact.<\/li>\n<\/ul>\n\n\n\n<p>Both ensure that security is inherent and work to:\u00a0<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Establish a solid foundation for proactive security.<\/li>\n\n\n\n<li>Building trust with customers.<\/li>\n\n\n\n<li>Increasing the level of difficulty for threat actors seeking to exploit products and systems.<\/li>\n<\/ul>\n\n\n\n<p>Security by design (SbD) offers greater flexibility to help protect resources and resist threats that originate outside the system&#039;s architectural components.\u00a0<\/p>\n\n\n\n<p>It also allows you to use products with different options and configurations, so the result is tailored to your risk tolerance level.<\/p>\n\n\n\n<p>With security by design, they assure from AWS, the <strong>The safety of the architectural components surrounding the products cannot be altered without changing their fundamental design or configuration.<\/strong>.\u00a0<\/p>\n\n\n\n<p>SbD principles can be applied to components ranging from IT workloads to services, <a href=\"https:\/\/itpatagonia.com\/en\/arquitectura-de-microservicios-claves\/\">microservices<\/a>, libraries and more.<\/p>\n\n\n\n<p>Another way to consider security by design is to consider the topology of a space, such as a house.\u00a0<\/p>\n\n\n\n<p>An SbD configuration should have only closed, finite rooms within the configuration space (house), which do not allow access to an infinite space (outside the house) except through well-defined and carefully controlled entry and exit points.\u00a0<\/p>\n\n\n\n<p>This lack of configuration space options makes for greater.<\/p>\n\n\n\n<p>When the <a href=\"https:\/\/itpatagonia.com\/en\/journey-to-the-cloud-que-es\/\">software is in the cloud<\/a>, security by design helps eliminate access points.\u00a0<\/p>\n\n\n\n<p>Identity and access management (IAM) is your first line of defense, as incorrect IAM configurations can lead to misconfigurations and insecure use in other environments.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to make a user-friendly UX compatible with cybersecurity?<\/h2>\n\n\n\n<p>One of the most common challenges when implementing security by design is <strong>achieving a balance between protection and usability<\/strong>.\u00a0<\/p>\n\n\n\n<p>This is especially important, considering that many times<strong> <\/strong>the measures of <a href=\"https:\/\/itpatagonia.com\/en\/ciberseguridad-y-proteccion-de-datos\/\">cybersecurity<\/a> They can be perceived as barriers that affect the user experience, generating frustration and even discouraging use.<\/p>\n\n\n\n<p>However, best practices in user experience (UX) design and security <strong>can coexist to offer safe and accessible solutions<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Frictionless authentication<\/strong>Methods such as biometric authentication or single sign-on (SSO) facilitate access without compromising security.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Intuitive and educational design<\/strong>Clear interfaces that explain the importance of certain security measures help users adopt good practices without feeling overwhelmed.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Transparency in security<\/strong>. Unobtrusive yet informative notifications about critical actions reinforce user confidence.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Adaptive approach<\/strong>. Systems that adjust security levels based on the risk detected (for example, requiring additional authentication only in suspicious contexts).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">User experience and security: opposites or complementary?<\/h2>\n\n\n\n<p>A <strong>Well-designed security, does not interrupt the user experience<\/strong>, but rather integrates seamlessly into their daily interactions.<\/p>\n\n\n\n<p>However, some organizations still view security and user experience as conflicting objectives, even though they are actually complementary.\u00a0<\/p>\n\n\n\n<p>A system that doesn&#039;t prioritize security can lead to data breaches and loss of trust, negatively impacting user perception.<\/p>\n\n\n\n<p>Leading technology companies demonstrated that a well-designed user experience can not only be secure, <strong>but can also improve user perception of the brand<\/strong>.\u00a0<\/p>\n\n\n\n<p>Users value feeling protected, as long as security does not involve excessively complex processes.<\/p>\n\n\n\n<p>If organizations adopt security by design throughout their processes, cybersecurity factors will be naturally integrated into the user experience roadmap, without one affecting the other.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"389\" src=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-1024x389.png\" alt=\"Hay que priorizar la seguridad como un elemento cr\u00edtico del desarrollo de productos en toda la organizaci\u00f3n y en colaboraci\u00f3n con los clientes.\" class=\"wp-image-19396\" srcset=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-1024x389.png 1024w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-300x114.png 300w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-768x291.png 768w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-1536x583.png 1536w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-2048x777.png 2048w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-18x7.png 18w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen1-png-720x273.png 720w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Security must be prioritized as a critical element of product development across the organization and in collaboration with customers.<\/figcaption><\/figure>\n\n\n\n<div style=\"height:10px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">The challenge of coordination: security by design in organizational culture<\/h2>\n\n\n\n<p>One of the main challenges in implementing security by design is that, in practice, <a href=\"https:\/\/itpatagonia.com\/en\/ux-ui-que-es-y-su-importancia-para-las-empresas\/\">UX\/UI teams<\/a> and security operate separately, with different objectives and methodologies:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The <strong>user experience teams<\/strong> They seek to simplify and optimize user interaction with the system.<\/li>\n\n\n\n<li>The <strong>cybersecurity teams<\/strong> prioritize threat protection, which can sometimes translate into additional restrictions.<\/li>\n<\/ul>\n\n\n\n<p>This clash of perspectives can generate friction if effective coordination, leadership, and communication mechanisms are not established.\u00a0<\/p>\n\n\n\n<p>To resolve it, the following aspects are essential.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Encourage collaboration from the start: <\/strong>UX and security teams should work together from the design phase, rather than acting as separate departments.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Define common standards: <\/strong>create clear guidelines on how security will be integrated without affecting usability.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Include security as part of the organizational culture: <\/strong>It should not be seen as a technical obligation, but as a core value within the company.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Form the teams: <\/strong>train both designers and security experts on the importance of finding a balance between the two approaches.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Appoint integration leaders: <\/strong>profiles that facilitate communication between teams and align UX and cybersecurity strategies.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Principles of security by design<\/h2>\n\n\n\n<p>According to the <a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/secure-by-design\" target=\"_blank\" rel=\"noreferrer noopener\">US National Cyber Security Center (CISA)<\/a>, products designed with the principles of safety by design <strong>prioritize customer safety as a fundamental business requirement<\/strong>, rather than considering it simply a technical feature.\u00a0<\/p>\n\n\n\n<p>The organization maintains that during the design phase of a product&#039;s development lifecycle, companies must implement security-by-design principles.\u00a0<\/p>\n\n\n\n<p>The objective is <strong>significantly reduce the number of vulnerabilities<\/strong> exploitable before marketing it for general use or consumption.\u00a0<\/p>\n\n\n\n<p>The organization warns that the <strong>products must be factory safe <\/strong>with additional security features such as multi-factor authentication (MFA), registration and single sign-on (SSO), and available at no additional cost.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>A <strong>Well-designed security, does not interrupt the user experience<\/strong>, but rather integrates seamlessly into their daily interactions.<\/p>\n<\/blockquote>\n<\/blockquote>\n\n\n\n<p>The <a href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/2023-10\/SecureByDesign_1025_508c.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Three principles of security by design published by CISA<\/a> are the following:<\/p>\n\n\n\n<p>1. <strong>Take responsibility for the results<\/strong> customer safety and develop the product accordingly.\u00a0<\/p>\n\n\n\n<p>The responsibility for safety should not fall solely on the customer.<\/p>\n\n\n\n<p>2. <strong>Adopt radical levels of transparency and accountability<\/strong>Software manufacturers must pride themselves on offering secure and protected products. Furthermore, they must differentiate themselves from the rest of the manufacturing community through their ability to do so.\u00a0<\/p>\n\n\n\n<p>This may include sharing information they learn from their customers&#039; implementations, such as the adoption of strong authentication mechanisms by default.\u00a0<\/p>\n\n\n\n<p>It also entails a firm commitment to ensuring that vulnerability advisories and associated Common Vulnerabilities and Exposures (CVE) logs are complete and accurate.\u00a0<\/p>\n\n\n\n<p>However, <strong>CISA warns that we must be careful with the temptation to consider CVEs as a negative metric.<\/strong>, as these numbers are also an indicator of a strong code testing and analysis community.<\/p>\n\n\n\n<p>3. <strong>Build organizational structure and leadership<\/strong> to achieve these objectives.<\/p>\n\n\n\n<p>While technical expertise in the field is critical to product security, senior executives are the primary decision-makers responsible for implementing change in an organization.<\/p>\n\n\n\n<p>Leaders must prioritize security as a critical element of product development across the organization and in collaboration with customers.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"389\" src=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--1024x389.png\" alt=\"Seguridad por dise\u00f1o: lograr que los equipos de UX y ciberseguridad trabajen en conjunto, alineando objetivos y metodolog\u00edas.\" class=\"wp-image-19395\" srcset=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--1024x389.png 1024w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--300x114.png 300w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--768x291.png 768w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--1536x583.png 1536w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--2048x777.png 2048w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--18x7.png 18w, https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_imagen3--720x273.png 720w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Security by design: Getting UX and cybersecurity teams to work together, aligning goals and methodologies.<\/figcaption><\/figure>\n\n\n\n<div style=\"height:10px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Benefits of security by design\u00a0<\/h2>\n\n\n\n<p>A security-by-design approach <a href=\"https:\/\/d1.awsstatic.com\/partner-network\/AWS-SANS-Secure-by-Design-Whitepaper-2024.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">establishes a solid foundation that reduces risks and offers security benefits<\/a> for your development teams and your business.<\/p>\n\n\n\n<p>Some of the main advantages are detailed below.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Scalability<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Operations within a secure-by-design configuration allow for rapid scaling without repeating security configurations.\u00a0<\/p>\n\n\n\n<p>This is especially beneficial in environments where demand cannot be accurately predicted in advance.\u00a0<\/p>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li><strong>Repeatability<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Having prepared spaces also allows for quick configuration repetition.\u00a0<\/p>\n\n\n\n<p>With a security-by-design approach, you can create products and services designed to be secure through a repeatable mechanism that can strengthen the development lifecycle.<\/p>\n\n\n\n<p><strong>Agility<\/strong><\/p>\n\n\n\n<p>While development teams may be concerned about the access and resource limitations associated with a security-by-design approach, agility within a closed space can be greater in the long run.\u00a0<\/p>\n\n\n\n<p>When an environment is designed with security in mind, developers within the SbD setup do not need to rethink security configuration and can focus on their areas of expertise.\u00a0<\/p>\n\n\n\n<p>By integrating security into development practices, organizations can become more agile, resilient, and responsive to threats.<\/p>\n\n\n\n<p><strong>Sustainability<\/strong><\/p>\n\n\n\n<p>A strong approach to security by design includes built-in feedback loops using detection controls that <a href=\"https:\/\/itpatagonia.com\/en\/infraestructura-it-sustentable-el-futuro-de-los-data-centers\/\">facilitate sustainability<\/a>This allows them to analyze data and leverage information to improve the security of their products, services, or processes.\u00a0<\/p>\n\n\n\n<p>If the design considers future technological developments, such as changes in cryptography, for example, tracking them should be possible by design.\u00a0<\/p>\n\n\n\n<p>This results in products and services with a longer lifespan, with potentially fewer changes and iterations, and a stable interaction surface.<\/p>\n\n\n\n<p><strong>Handling<\/strong><\/p>\n\n\n\n<p>Manageability features such as logging, reporting, and data collection for compliance purposes can usually be integrated into the design and do not require redesign.\u00a0<\/p>\n\n\n\n<p>The included preventative controls will automatically generate the data needed to keep your IT workload under control.\u00a0<\/p>\n\n\n\n<p>A pre-built operational configuration for compute instances, for example, can include backup and restore, logging, access management, patch management, inventory management, and telemetry data that are automatically deployed.\u00a0<\/p>\n\n\n\n<p>Today, it is possible to orchestrate these tasks using automated systems and document them with detection controls.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Automation: Your support for security by design<\/h2>\n\n\n\n<p>As explained in the aforementioned whitepaper, there are two areas of automation related to security-by-design workloads.\u00a0<\/p>\n\n\n\n<p><strong>Both are important to maintain safe and healthy configurations.<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Preventive controls<\/strong><\/li>\n<\/ol>\n\n\n\n<p>They ensure that configurations can only be deployed in a safe, design-defined mode.<\/p>\n\n\n\n<p>The pipelines of <a href=\"https:\/\/itpatagonia.com\/en\/ci-cd-que-es-y-beneficios\/\">continuous integration and continuous delivery (CI\/CD)<\/a> that help automate the software delivery process contribute substantially to SbD environments.<\/p>\n\n\n\n<p>They include a comprehensive set of checks that must be run (such as firewall settings, operating system settings, libraries used, security patches, and software components used) before deploying a target configuration.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Detection systems<\/strong><\/li>\n<\/ol>\n\n\n\n<p>They can identify non-conforming components or configurations.\u00a0<\/p>\n\n\n\n<p>Misconfigurations should generally not occur in SbD configurations, as they are largely prevented by design and preventive controls in implementation.\u00a0<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>Security by design is a cybersecurity trend that is transforming the way companies develop digital products.\u00a0<\/p>\n\n\n\n<p>Rather than being an obstacle, security can be integrated naturally into the user experience, building trust and minimizing risk.<\/p>\n\n\n\n<p>The main challenge is not only technical, but also organizational: <strong>Getting UX and cybersecurity teams to work together, aligning objectives and methodologies<\/strong>.\u00a0<\/p>\n\n\n\n<p>With a collaborative approach and an organizational culture that values security by design, companies can deliver solutions that are both secure and user-friendly.<\/p>\n\n\n\n<p>Contact us to find out <a href=\"https:\/\/itpatagonia.com\/en\/contacto\/\">How we help organizations build usable and accessible products<\/a><\/p>\n\n\n\n<p>Also find out about the technological products that we can develop for you <a href=\"https:\/\/itpatagonia.com\/en\/servicios\/softwarestudio\/\">Support you in building interactive, functional and people-centered products<\/a>.<\/p>\n\n\n\n<p>And how to boost your business strategy <a href=\"https:\/\/codeki.com.ar\/\">developing IT talent<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>We analyze how security by design allows cybersecurity to be integrated from the beginning of a product&#039;s digital development, without sacrificing the user experience. <\/p>","protected":false},"author":3,"featured_media":19397,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[173,52],"tags":[130,111],"class_list":["post-19393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-modernizacion-core","category-software-studio","tag-ciberseguridad","tag-ux-ui"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Seguridad por dise\u00f1o: nueva tendencia en ciberseguridad<\/title>\n<meta name=\"description\" content=\"Qu\u00e9 es la seguridad por dise\u00f1o y c\u00f3mo permite integrar la ciberseguridad desde el inicio del desarrollo digital de un producto.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itpatagonia.com\/en\/blog\/seguridad-por-diseno-que-es\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Seguridad por dise\u00f1o: nueva tendencia en ciberseguridad\" \/>\n<meta property=\"og:description\" content=\"Qu\u00e9 es la seguridad por dise\u00f1o y c\u00f3mo permite integrar la ciberseguridad desde el inicio del desarrollo digital de un producto.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itpatagonia.com\/en\/blog\/seguridad-por-diseno-que-es\/\" \/>\n<meta property=\"og:site_name\" content=\"IT Patagonia\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-14T08:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-20T12:52:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES-1024x389.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"389\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Valeria Frick\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Valeria Frick\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es\"},\"author\":{\"name\":\"Valeria Frick\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#\\\/schema\\\/person\\\/ac8661c9cfc3e2a5a865f0fe97c9e1bb\"},\"headline\":\"Seguridad por dise\u00f1o: \u00bfC\u00f3mo compatibilizar experiencias de usuario amigables con la ciberseguridad?\",\"datePublished\":\"2025-05-14T08:00:00+00:00\",\"dateModified\":\"2026-04-20T12:52:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es\"},\"wordCount\":2911,\"publisher\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/UX-security-_Portada-ES.png\",\"keywords\":[\"Ciberseguridad\",\"UX\\\/UI\"],\"articleSection\":[\"Modernizaci\u00f3n Core\",\"Software Studio\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es\",\"name\":\"Seguridad por dise\u00f1o: nueva tendencia en ciberseguridad\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/UX-security-_Portada-ES.png\",\"datePublished\":\"2025-05-14T08:00:00+00:00\",\"dateModified\":\"2026-04-20T12:52:35+00:00\",\"description\":\"Qu\u00e9 es la seguridad por dise\u00f1o y c\u00f3mo permite integrar la ciberseguridad desde el inicio del desarrollo digital de un producto.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#primaryimage\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/UX-security-_Portada-ES.png\",\"contentUrl\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/UX-security-_Portada-ES.png\",\"width\":6667,\"height\":2530,\"caption\":\"Seguridad por dise\u00f1o. Como combinar la experiencia de las personas usuarias con seguridad. IT Patagonia\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/blog\\\/seguridad-por-diseno-que-es#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/itpatagonia.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Seguridad por dise\u00f1o: \u00bfC\u00f3mo compatibilizar experiencias de usuario amigables con la ciberseguridad?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#website\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/\",\"name\":\"IT Patagonia\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/itpatagonia.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#organization\",\"name\":\"IT Patagonia\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/IT-Patagonia-logo-web.png\",\"contentUrl\":\"https:\\\/\\\/itpatagonia.com\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/IT-Patagonia-logo-web.png\",\"width\":350,\"height\":100,\"caption\":\"IT Patagonia\"},\"image\":{\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/itpatagonia\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/itpatagonia.com\\\/#\\\/schema\\\/person\\\/ac8661c9cfc3e2a5a865f0fe97c9e1bb\",\"name\":\"Valeria Frick\",\"url\":\"https:\\\/\\\/itpatagonia.com\\\/en\\\/blog\\\/author\\\/vfrick\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security by design: a new trend in cybersecurity","description":"What is security by design and how it allows you to integrate cybersecurity from the beginning of a product&#039;s digital development.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itpatagonia.com\/en\/blog\/seguridad-por-diseno-que-es\/","og_locale":"en_US","og_type":"article","og_title":"Seguridad por dise\u00f1o: nueva tendencia en ciberseguridad","og_description":"Qu\u00e9 es la seguridad por dise\u00f1o y c\u00f3mo permite integrar la ciberseguridad desde el inicio del desarrollo digital de un producto.","og_url":"https:\/\/itpatagonia.com\/en\/blog\/seguridad-por-diseno-que-es\/","og_site_name":"IT Patagonia","article_published_time":"2025-05-14T08:00:00+00:00","article_modified_time":"2026-04-20T12:52:35+00:00","og_image":[{"width":1024,"height":389,"url":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES-1024x389.png","type":"image\/png"}],"author":"Valeria Frick","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Valeria Frick","Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#article","isPartOf":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es"},"author":{"name":"Valeria Frick","@id":"https:\/\/itpatagonia.com\/#\/schema\/person\/ac8661c9cfc3e2a5a865f0fe97c9e1bb"},"headline":"Seguridad por dise\u00f1o: \u00bfC\u00f3mo compatibilizar experiencias de usuario amigables con la ciberseguridad?","datePublished":"2025-05-14T08:00:00+00:00","dateModified":"2026-04-20T12:52:35+00:00","mainEntityOfPage":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es"},"wordCount":2911,"publisher":{"@id":"https:\/\/itpatagonia.com\/#organization"},"image":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#primaryimage"},"thumbnailUrl":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES.png","keywords":["Ciberseguridad","UX\/UI"],"articleSection":["Modernizaci\u00f3n Core","Software Studio"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es","url":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es","name":"Security by design: a new trend in cybersecurity","isPartOf":{"@id":"https:\/\/itpatagonia.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#primaryimage"},"image":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#primaryimage"},"thumbnailUrl":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES.png","datePublished":"2025-05-14T08:00:00+00:00","dateModified":"2026-04-20T12:52:35+00:00","description":"What is security by design and how it allows you to integrate cybersecurity from the beginning of a product&#039;s digital development.","breadcrumb":{"@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#primaryimage","url":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES.png","contentUrl":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2025\/05\/UX-security-_Portada-ES.png","width":6667,"height":2530,"caption":"Seguridad por dise\u00f1o. Como combinar la experiencia de las personas usuarias con seguridad. IT Patagonia"},{"@type":"BreadcrumbList","@id":"https:\/\/itpatagonia.com\/blog\/seguridad-por-diseno-que-es#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/itpatagonia.com\/"},{"@type":"ListItem","position":2,"name":"Seguridad por dise\u00f1o: \u00bfC\u00f3mo compatibilizar experiencias de usuario amigables con la ciberseguridad?"}]},{"@type":"WebSite","@id":"https:\/\/itpatagonia.com\/#website","url":"https:\/\/itpatagonia.com\/","name":"IT Patagonia","description":"","publisher":{"@id":"https:\/\/itpatagonia.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itpatagonia.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itpatagonia.com\/#organization","name":"IT Patagonia","url":"https:\/\/itpatagonia.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itpatagonia.com\/#\/schema\/logo\/image\/","url":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2023\/11\/IT-Patagonia-logo-web.png","contentUrl":"https:\/\/itpatagonia.com\/wp-content\/uploads\/2023\/11\/IT-Patagonia-logo-web.png","width":350,"height":100,"caption":"IT Patagonia"},"image":{"@id":"https:\/\/itpatagonia.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/itpatagonia\/"]},{"@type":"Person","@id":"https:\/\/itpatagonia.com\/#\/schema\/person\/ac8661c9cfc3e2a5a865f0fe97c9e1bb","name":"Valeria Frick","url":"https:\/\/itpatagonia.com\/en\/blog\/author\/vfrick"}]}},"_links":{"self":[{"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/posts\/19393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/comments?post=19393"}],"version-history":[{"count":3,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/posts\/19393\/revisions"}],"predecessor-version":[{"id":30307,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/posts\/19393\/revisions\/30307"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/media\/19397"}],"wp:attachment":[{"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/media?parent=19393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/categories?post=19393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itpatagonia.com\/en\/wp-json\/wp\/v2\/tags?post=19393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}