I finally decided to join this forum, which I find very interesting and has some great contributions into the tech and security space, appreciate it!
I decided that I wanted to share a some of my thoughts. Me and my study team while studying IT security "developed" this general model for security within IT, which I find often is overseen because it is "so basic":
But our point with this model is to illustrate that you have to take these three key points into account when developing as system. I often speak to people who wishes me or someone else to develop a system for their needs and they tell me: "I need MAXIMUM security". Which in my opinion is not the case, as the perfect secured system is unusable. (a system on the bottom of the sea in a secured-box)
This model should illustrate that security is a trade-off between functionality and usability, and you cannot maximise all of these completely.
I would really like to hear your thoughts on my thoughts and the model we created.
Thanks and a please to read posts from some of the great contributors.