How to start a project on a scalable security foundation