A developmental view of system security

Security policy can't be timeless, static, and universal. Security is more of a developmental problem than a technical one. Security should be integrated into an organization in such a way as to enhance and safeguard each facet in the least intrusive yet most effective way possible at a given time. Gradually, as the organization and the technology it uses "grow up together," security should become less intrusive, until at some point it's almost invisible. This article presents a developmental view of system security.