What considerations would you keep in mind while developing a security architecture for a new application?