Profile

Michael Ye

Security Architect and engineering leader with 15+ years of experience designing and implementing secure cloud platforms, application guardrails, and risk governance models across highly regulated financial services, healthcare, and aviation sectors.

Principles

// Design security in from the start

Integrate security from the start. Retrofitting security onto a completed architecture is difficult, brittle, and expensive.

// Know your threat model

Identify who your attacker is, what they are after, and what resources they possess. Design defenses around those realistic capabilities rather than around an assumption that users, networks, or components can be trusted.

// Security is economics

No system is completely secure. The cost of a defense should be proportional to the value of the asset it protects, and its aim is to make the attack cost the adversary more than they stand to gain.

// Security through obscurity fallacy

Design under the assumption that the attacker knows all internal details of the system. Never rely on security through obscurity.

// Use fail-safe defaults

Choose defaults that deny access. If a security mechanism fails or crashes, it must default to a secure state (fail-closed).
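The difference between fail-open and fail-closed is easiest to see in an authorization check whose policy backend goes down. The example below is added here and is not code from the original page; the PolicyStore, PolicyUnavailable, role table, and function names are hypothetical constructs built for the illustration. The vulnerable version lets every request through during an outage (which an attacker can induce); the hardened version has exactly one path to "allow", an explicit grant.

```python
from dataclasses import dataclass, field


class PolicyUnavailable(Exception):
    """Hypothetical error: the policy backend could not be reached."""


@dataclass
class PolicyStore:
    """Hypothetical in-memory policy table: role -> set of permitted actions."""
    grants: dict = field(default_factory=lambda: {
        "admin": {"read", "write"},
        "viewer": {"read"},
    })
    available: bool = True  # flip to False to simulate an outage

    def allowed_actions(self, role):
        if not self.available:
            raise PolicyUnavailable("policy backend unreachable")
        # Unknown role -> empty set, so nothing is granted by accident.
        return self.grants.get(role, set())


def authorize_fail_open(store, role, action):
    """Vulnerable pattern: when the lookup fails, the request is allowed.
    This keeps the service 'working' during an outage at the price of
    turning every outage (or attacker-induced outage) into a bypass."""
    try:
        return action in store.allowed_actions(role)
    except PolicyUnavailable:
        return True


def authorize_fail_closed(store, role, action):
    """Hardened pattern: the only path to True is an explicit grant.
    Any failure of the mechanism itself collapses to deny."""
    try:
        granted = store.allowed_actions(role)
    except PolicyUnavailable:
        # In production: log the failure and alert, then deny.
        return False
    return action in granted


def outage_comparison(role, action):
    """Return (fail_open_decision, fail_closed_decision) for the same
    request evaluated while the policy backend is down."""
    store = PolicyStore(available=False)
    return (authorize_fail_open(store, role, action),
            authorize_fail_closed(store, role, action))


if __name__ == "__main__":
    healthy = PolicyStore()
    print("healthy, viewer write:",
          authorize_fail_open(healthy, "viewer", "write"),
          authorize_fail_closed(healthy, "viewer", "write"))
    print("outage, viewer write:", outage_comparison("viewer", "write"))
```

Note that the fail-closed version denies even the admin during the outage. That is the intended trade: availability of privileged actions degrades, but the authorization boundary never does, and the outage is a loud signal for operators rather than a silent bypass.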

// Least privilege

Every process and user should operate with the minimum privileges necessary, limiting the blast radius of any compromise.

// Separation of responsibility

Split privileges so that no single party holds absolute power. Critical actions should require approval from multiple independent people, so that abusing them demands collusion rather than one compromised account.
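A minimal two-person rule captures the principle in code. This example is added here and is not code from the original page; ChangeRequest, the approver roster, and the function names are hypothetical. It closes the usual ways a single party collapses the control: approving your own request, counting the same person twice, accepting approvals from someone outside the roster, and trusting a decision made earlier rather than re-evaluating it at execution time.

```python
from dataclasses import dataclass, field


class ApprovalError(Exception):
    """Raised when an approval or execution violates the two-person rule."""


# Constructed roster and quorum for the example.
APPROVERS = {"alice", "bob", "carol"}
QUORUM = 2


@dataclass
class ChangeRequest:
    action: str
    requester: str
    approvals: set = field(default_factory=set)  # distinct approver identities


def add_approval(req, approver):
    """Record an approval and return the number of distinct approvals.
    Self-approval and approvals from outside the roster are rejected;
    a repeat approval by the same person is a no-op because approvals
    is a set, so one person can never count twice."""
    if approver not in APPROVERS:
        raise ApprovalError(f"{approver} is not an authorized approver")
    if approver == req.requester:
        raise ApprovalError("requester may not approve their own change")
    req.approvals.add(approver)
    return len(req.approvals)


def is_executable(req):
    """True only when QUORUM distinct approvers, none of whom is the
    requester and all of whom are still on the roster, have signed off."""
    independent = (req.approvals - {req.requester}) & APPROVERS
    return len(independent) >= QUORUM


def execute(req):
    """Evaluate the rule at the moment of execution, not when the first
    approval arrived, so an approver removed from the roster in the
    meantime no longer contributes to the quorum."""
    if not is_executable(req):
        raise ApprovalError(f"{req.action!r} needs {QUORUM} independent approvals")
    return f"executed {req.action}"


if __name__ == "__main__":
    req = ChangeRequest("rotate-prod-signing-key", requester="alice")
    add_approval(req, "bob")
    print("after one approval:", is_executable(req))
    add_approval(req, "carol")
    print(execute(req))
```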

// Defense in depth

Layer multiple independent defensive controls. An attacker must breach every layer, not just one, to compromise the system.

// Detect if you can't prevent

If prevention fails, ensure you can detect the breach. Detection without response is pointless, so plan for recovery.

// Consider human factors

Security systems must remain usable. If a control is too inconvenient, users will subvert it to make their lives easier.