If tasked with securing a new application, what steps would you take to ensure its security before deployment at 22nd Century Technologies?