What is “Security by Design”?


Eclarity has introduced, and follows, a principle we refer to as Security by Design. Many elements of this are not new, but its application to the SME in a from-the-outset systems design most certainly is.

The main principle of Security by Design (the reduction of attack surface) is quite simple and easy to understand by analogy. For example, your house may have a store with both external and internal doors. The external door needs a lock for security, and the lock may need to meet a security standard for insurance purposes, but that standard will change over time, making your lock obsolete. The lock may become worn and malfunction, needing maintenance and leaving it vulnerable, or you might just lose the key or lend it to someone, so it is no longer in your control. The key may even have its code stamped on top – why do they do this? It is the IT equivalent of a password on a Post-It note. All of these things make your door a vulnerability and a potential way into your home. So, you fit an alarm, add CCTV and get a dog. One day you realise that you don’t actually need to be able to open the store door from the outside, as you only access it internally – so you close off the external door completely. Your door design is now secure: there is nothing to break or go out of date. Nothing to monitor, no additional cost.

Of course, not every door can just be sealed off; otherwise, we couldn’t get in ourselves. We can, however, scrutinise who we let in – and out – along with what they are allowed to carry with them, and constantly watch what they do. This requires firewall analysis at an application level, not just a simplistic one, and constant monitoring of what a user or piece of software is doing. Eclarity deploys a host of advanced acronym solutions such as EDR, MDR, ATS, Sandbox and Heuristics Engines – the modern, AI-mimicking security solutions.

What if it all fails? When IT networks are secured by design, a breach may be contained to a local segment or simply halted and its spread prevented. Sometimes, however, no matter what you do, bad things happen, and it is then that you need a robust Disaster Recovery plan and systems with secured backups to get you up and working again quickly.

In a modern digital world, we all want to be connected and have ultimate flexibility. Sadly, this is exactly what cybercriminals want too. With an open network design, once an attacker is “in” with any level of access, they may spread and get to everything in your systems, so your security is reduced to the weakest link. The sideways attack and spread is now the most common method of breach, often leveraged by the targeted phishing (tricking) of an unsuspecting user, as it is much easier than tackling IT security head-on. The “user firewall” is often a very weak point but can be greatly enhanced with Security Awareness Training, another solution Eclarity provides.

Iona Carter
I started working with Eclarity about a year or so ago, and I can honestly say that it was the best decision I've ever made when it comes to IT stuff. They are incredibly helpful, quick to respond to any issue or even the smallest of questions.... and most importantly for me, talk in a language that a technophobe such as myself can understand!
Sammy Ottley
Great company to work with, have dealt with Fraser numerous times and he has been incredibly helpful.
Mark Laing
Fantastic technical support and planning for our company from Eclarity over many years, nothing is too much trouble. Friendly and reliable service, highly recommended.


Whether you know exactly what your business requirements are or you’re struggling to understand exactly what you need, not to worry: we’re here to help.

Why Security by Design is Important for Businesses


Almost all SME businesses will utilise a simple “flat” IT network where everything is connected to everything else. This is functional and simple and the default for pretty much every piece of equipment you may buy. But from a security perspective, it is a disaster. Yet, in a room full of SMEs, it is unlikely anyone will have done anything about it. It’s certainly not a cost issue as modern equipment generally supports better network designs.

At Eclarity we understand networks and how malware spreads, as well as how various attack vectors can be used to exploit a customer’s systems. We secure credentials, design networks with built-in blocks and reduce the attack surface you present. We then apply industry-leading security solutions to safeguard the areas of your systems that simply need to be “open” to function and maintain the flexibility your business needs.

No unnecessary areas of attack, no additional security software where not needed and a reduced operating cost for our customers.

Every single day, your IT systems will be subject to some form of an attack. Most will bounce off regular security harmlessly, but a breach is inevitable at some point. How will your systems handle it? What will your customers think? Will you have compromised their data? Can you recover quickly, or at all?

These are all issues that our Security by Design approach will provide answers and solutions for.

Protect from the Start with Our Security by Design Services

Network Security

This is the inbuilt isolation of user and server data along operational lines to ensure data traffic between these can be scrutinised by a firewall. Non-trusted devices or guest-type users have zero access potential and are isolated from other users. EDR and advanced security solutions are used to assess threats and respond to attacks.

Cloud Security

Cloud security is an extension of credentials into hosted Cloud systems, with multi-factor authentication login and a Zero Trust approach to access. Users and devices need to demonstrate their trustworthiness in order to be granted access, and always over an encrypted link.


This means a combination of firewall policies and monitors controlling both inbound and outbound traffic between the LAN and the internet, to ensure data is always analysed and blocked unless deemed to be both safe and business relevant. This is often combined with a compliance need specific to the customer and a reporting element for management purposes.

Application Security

Application security means patching of operating systems and applications to avoid known exploits, and the undertaking of risk assessments to ensure continued compliance with best practice.

Internet of Things Security

This means a total isolation of IoT devices from corporate networks, with segmented and isolated networks set up specifically for more complex systems, such as CCTV and door controls, which have one-way access from the LAN and separated internet zones.

Technical Helpdesk Support

With over 20 years in the business, we can provide expert IT support from our technical helpdesk whenever you need it. Our teams are knowledgeable, skilled and experienced in all aspects of IT Support.

Cyber Essentials – A Security by Design Solution

Cyber Essentials is an effective Government-backed scheme from the National Cyber Security Centre. Its purpose is to help prepare your business to guard against common cyber threats and to demonstrate the fact that you do so, both to clients and suppliers.

With many of the most devastating cyber-attacks in recent times having been made via a “trusted” partner company, many businesses are now refusing to work with suppliers who are not accredited.


Prepare for the Future with Security by Design


Any search on the Internet will present you with countless consultants offering a Cyber Essentials certification service. In reality, all certifications must be issued by IASME via their certified partners, with everyone else, including Eclarity, using them as a service.

So, why choose Eclarity? Quite simply we not only identify the weaknesses in your IT systems, but as a trusted and ongoing partner, ensure changes can be implemented to meet the requirements set down. Is the process easy? Well, no, not really – as it is likely some significant improvements in your cyber security arsenal will be needed – “no pain, no gain”, as it were – however, not implementing improvement is likely to be more painful.

Discover More Ways We Can Help

Besides our Security by Design concept, Eclarity offers a whole host of other services to support your business and protect your IT systems from cyberattacks and other online threats. Some of these services include:


What is Security by Design?

Security by design means measures and solutions that are designed from the outset to reduce the risk of weak links, such as users and communication paths, opening up your business to a successful cyber-attack. 

Why is Security by Design so important for businesses?

Cybercrime is a big and very well-organised business. Attacks are automated and thorough; everyone is a target no matter the business size, and so measures taken to prevent, but also limit, an attack’s effectiveness are well advised.

How does Security by Design work?

Security by design works by ensuring that, wherever possible, the attack surface of a customer’s systems is reduced by removing direct points of entry. Where necessary entry points exist, Eclarity utilises industry-leading security solutions to mitigate the risk and ensure that, should the worst happen, recovery can be achieved promptly.

What are the principles of Security by Design?

The principles of security by design are to prevent attacks by removing risks, monitoring systems and necessary gateways, and limiting an attack’s spread and effectiveness.

Contact us today for bespoke Security by Design services
