Privacy and Security Practices in Software Development

Privacy and security are complex topics, and it gets eve more complicated when trying to implement them in digital products and services. The ground truth is, security and privacy are important. In practice, they are often seen as a low-priority non-functional requirements but why? Over the last two decades, numerous research efforts identify lots of different factors that have an influence on software systems development and deployment project outcomes. However, this knowledge is fragmented, hard to access, and sometimes even contradicting.

Our goal was to understand and categorize the factors that have an impact on developers’ adoption and implementation of privacy and security practices in software development, so we carried out a literature review. Here is the video where I summarise our process and findings.

To sum up, all factors are interconnected. Still, we mapped them into five levels or broad categories and suggested behavioural change recommendations.

I hope this work can provide a foundation for future efforts targeting organizational and individual behaviour change that will facilitate the adoption of privacy and security practices in software development teams.

The team of enthusiasts behind this work: Leysan Nurgalieva, Alisa Frik, and Gavin Doherty.

Refer to the paper

Nurgalieva, L., Frik, A., & Doherty, G. A Narrative Review of Factors Affecting the Implementation of Privacy and Security Practices in Software Development. ACM Computing Surveys.