DEV Community

loading...

Discussion on: From developer to (solutions) architect. A simple guide.

Collapse
crongm profile image
Carlos Garcia ★

Great read and guide. As a developer who's looking into the next steep in my career I had a rough idea of the skills needed for a position in both Software and Solutions Architect, but reading your article and the actual topics I should look into will be definitely helpful.

The topic that stresses me the most is on security, as I believe that's where most of the risk of implementing a new system comes from. How do you prepare to mitigate such risks, and how much do you need the assistance of someone who specializes in security?

Collapse
anfibiacreativa profile image
Natalia Venditto Author • Edited

Hello Carlos, thank you for your comment! Security is indeed one of the most important aspects of system design, but you should not stress. First of all, you need to separate concerns. Security implementation is different at every level (ie: application, vs data on the wire.) And every one of those layers have their own mechanisms. Some are protocol dependent, and some are internet standards (like TLS/SSL) that you don't need to worry about anymore, because it is a de-facto. If your infra is on the cloud, providers already offer security oriented options to seal your system. The most dangerous and difficult to mitigate are the vulnerabilities that use the supply chain as vector. Start by taking a look at owasp.org/ but also keep in mind that as an Architect, you're not alone: there are infosec experts to cover this topic. And many offer resources online for free, to advise on how to secure specific components: ie: containers, etc.