Blog ·
Security in System Development in Thailand: Balancing Risk and On-Site Realities

Demand for system development in Thailand has grown rapidly, and as business systems and web services proliferate, security has become unavoidable — particularly for Japanese-affiliated companies who must navigate local risks and organizational differences.
Most security issues come from operations, not technology
Conversations about security tend to focus on cutting-edge cryptography or robust frameworks, but in practice the majority of incidents come from person-dependent operational habits. We see developers in Thailand storing source code in personal cloud accounts, or passwords written on paper and stuck to desks.
On 10 August 2023, Chulalongkorn University was hit by the LockBit ransomware group, with data tied to its official domain illicitly exfiltrated. Even with a technically standard configuration, lax operational discipline can lead to serious problems.
"Friendliness" can backfire in Thailand
In Thailand, trust between staff is strong and good interpersonal relationships keep work moving. The flip side is that confidential data sometimes gets handled lightly because "they are a friend" or "they asked nicely."
Real cases:
- An employee leaves and walks out with business data on a USB stick, used at a competitor.
- A friend asks for "study material," and a business app's admin screen is shared without authorisation.
- Internal chat or files are handled on a personal phone where family or friends can see them.
These incidents are usually less about malice and more about a difference in awareness — which is why up-front rules and education matter so much.
The basics are about organisational design
- Clear separation of permissions: design the admin / user / developer roles properly.
- Two-factor authentication: especially for admin consoles and cloud access.
- Regular education for staff: explain why a rule exists, not just what it says.
In Thailand, explaining the "why" tends to be more effective than enforcing rules formally.
Our support: pragmatic and on-the-ground
FJT SOLUTIONS (THAILAND) is fluent in both system development and security in the Thai context. After interviewing your IT environment and operational flow, we propose either advanced security architecture or pragmatic, ground-realistic improvements — whichever fits your team best.
Security is often perceived as expensive and complex, but small, well-targeted improvements can prevent major incidents.
Even familiar tools can do a lot
Microsoft 365 (Teams, Outlook, etc.) ships with strong security features:
- Per-team / per-channel read and edit permissions in Teams
- External sharing controls
- Confidential mail and automatic labels in Outlook
- Mobile-device access restrictions and multi-factor authentication
We also help configure these existing tools — often the fastest, lowest-cost win.


