My MVP for a user functionality is to list a profile on a web app. This includes profile image, the web url and their social media usernames.
I'm building it from scratch on top of firebase. I'm concerned over securities such as protecting public functions from malicious attacks, putting in some logging mechanism to see if the functions take too long to execute, do some testing from an early stage, writing code in a way that it can be easily moved to another platform if needed to.
I sometimes wonder what is the line of over engineering and having a functional reliable MVP. Do you take security matter and other concerns in consideration when building an MVP at the beginning?
How do you draw a line?