Many security systems are built to force people to behave in a certain way. The user-friendliness of security systems is seldom discussed. A very simple example: users often need to behave differently depending on where they are or which device they are using. They need to use different authentication systems, different access applications (that looks and behaves differently) and sometimes even the target applications looks different depending on if they are on the outside or the inside. Add to this that we expect them to take security decisions and avoid security issues (as written in the latest security policy document which can be found in the second drawer under the coffee machine on the second floor).
Does anyone wonder why users see security as an obstacle? When we design our security infrastructure we need to address the issues of the users and respect their wishes. The plan should be for optimal security...for the users and the organisation. Well-implemented security solutions can and should help the users to do their job in an efficient way. Always try to make it as simple for the users as possible to access data and take away as many obstacles as possible (usually due to many point products and in-efficient security policies).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment