Go back to overview

Web Applications: Balancing High Performance and High Security

6 May 2020

All business in 2021 is digital. From payroll architecture for newsagents and supermarkets to developers of mobile games and even the players, our work and our play rely heavily on the proper functioning of applications. We no longer live in an era where people can afford to wait for information to transfer. We've got so much choice too that we don't even have to accept applications that don't look exactly how we want them to look. With all this choice and information travelling about at such speed, how can we be sure we're really getting the most out of our day-to-day applications?

Relatively speaking, you can program an application to do almost anything. In our experience with the financial sector, even the simplest applications can run searches on massive amounts of data. They can pull up information on transactions in real-time while also anonymising data and encrypting the search activity to ensure no untoward eyes are watching. With a whole universe of possibilities laid out in front of you before you even begin to develop an application, sometimes it's tough to know where to start. Well, why not start with two absolute fundamentals.


The motto for all good application developers should be 'don't settle'. Whether building an application for personal or corporate use, technology changes and new things become possible at such a lightning-fast pace. Not preparing and thinking of how your app's health and performance will compare to its closest competitor is an easy way to fall behind and disappear. It's so important to always be thinking of the next upgrade, but more important still to make that upgrade before its even necessary.

Simply put, forget the limitations of devices in the past, you're developing for the future. Hardware and CPU power now is greater than ever before and Moore's Law ensures that upward trajectory in operational functionality will only continue. Server-side hardware is no longer required to carry the weight of the functions APIs are required to perform, thanks to front-end frameworks like Angular and React. This means the door is open to really play in the space creatively while ensuring your application can always function smoothly without fail.


Even if your application is solely for personal use and doesn't technically live online there is a threat. As long as your device is connected to the Internet, it's at risk of being compromised. It seems obvious to say it but security should never be something you implement as an 'add-on' to your application's function. Application security needs to be paramount as the creators of Zoom found out.

Security measures should always be implemented as part of the initial development process. Fortunately, security practices have evolved right alongside development practices and many frameworks even support best security practices. Front-end frameworks can sanitise user input by protecting against XSS attacks while some back-end frameworks can help protect against SQL attacks.

With the shift from RESTful APIs to GRPC-web APIs, this process will become even more efficient as information will be serialised. This means it's smaller and therefore even easier for architecture to process and interact with. This process also makes interactions more secure as serialised requests and responses are harder for hackers to tamper with.

How Can I Be Sure My Application Has Both?

The short answer is 'build it yourself'. Without proper penetration testing, you can't be 100% sure an application is that secure or even that highly performant. You wouldn't buy a car without a guarantee that it's passed all the relevant tests. Software and applications are no different. The easiest way to be sure your day-to-day applications are secure and functioning efficiently is to build them yourself or to find a partner with a specialisation in development and security.

The benefits of this go far beyond security. Having your own custom applications and software means having something that is sculpted around the way you do business. Maybe some applications have one element of what you need but lack a function that another application has. Maybe you're paying a monthly subscription to a software bundle that you only really need one element of. Custom software means all your interests are combined in one secure bundle in an environment shaped by your needs.

Our cybersecurity and software development teams work together to build your applications from the ground up. This collaboration means both performance and security are given equal priority, leaving nothing added as an afterthought, built around your exact needs. Talk to us today to find out how a custom software or application could help revolutionise your day-to-day.