The user experience of security
Introduction
Back in the 1990s, when you mentioned cybersecurity to anyone, a glazed look would come over their face. And fair enough. Security, as a discipline of IT, was a bit dry and boring.
Then the internet hit, and we all become co-opted into cybercrime in one form or another. Scams are now so ubiquitous that many countries have their own government services attempting to educate citizens. In the U.S., for example, the Federal Trade Commission (FTC) has a Scam Alert site dedicated to bringing the latest scams into the public forum. Another example is Australia, with its own Scamwatch site.
Even so, the “user” (aka people) generally does not want to have to think about security. The internet may be everywhere, but security is still boring. It is not until something actually bad happens that folks sit up and take notice.
However, as a business, we need to have our staff and other associates on watch for cyberthreats. We need to make sure that security moves out of the shadows and into our awareness so we can reduce the chances that our company will be the victim of a cyberattack. This, as with many areas of technology, comes down to making the interaction with security a good User Experience (UX).
Elements of UX in cybersecurity tools
To make an analogy to another area of tech: If you were to design a commercial website in the way that many security tools or processes are designed, you’d lose customers. Cybersecurity tools, even those meant for consumers, can often be complicated to understand and set up. Some use cases give us an insight into how UX can impact security choices.
The case of login credentials (authentication)
It is now accepted wisdom that using a second factor (2FA) such (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/u_TZs61NRXM/
