In this chapter:

Before investing a great deal of time designing and implementing software, you should understand the costs of building secure applications, especially those handling data with privacy considerations. Obviously, you want to expend as much effort as needed to create the appropriate level of protection, but not too much more. Higher risk translates into higher development and support costs. As discussed in Chapter 1, privacy and security are intricately intertwined, and understanding the impact of both on your software is an important part of performing a risk assessment required to build protections into the software.