editor’s question
RICHARD
ARCHDEACON,
ADVISORY CISO
AT DUO SECURITY
A
s businesses
demand greater
agility and
flexibility for their
in-house and
external teams,
vendors must
reflect that change. This is particularly
important in the area of security which,
although vital to the success of an
organisation, is not often seen as
necessary. An author wants to write, a
designer to design. They do not come
in to work to be a security professional.
So success will depend on the vendor
ensuring that the end user works in
partnership to secure the organisation.
Vendors must ensure solutions are easy
to use and do not impede the user and
their work experience. A key way in which
vendors can work with end users is to
focus on the design of their solutions
and ensure that they are effective but
easy to use. An example of this would be
ensuring a common experience across
all the platforms open to end users in
28
their daily activities – a solution should
be similar across laptops, mobile phones
and intelligent watches.
The vendor needs to ensure that the
functional requirements are implemented
without interrupting the user workflow.
If it interrupts what a person needs to
do it will create a negative experience
and, understandably, users will develop
workarounds, therefore undermining the
purpose of any control.
By making authentication simple while
running checks on devices in the
background, end users can stay secure
without degrading performance or
interrupting work.
If an update is needed to a device then
rather making it intrusive the vendor can
develop an approach which includes
the end user in the decision and
implementation process.
To develop these solutions, vendors
need to have a programme which
includes end users in the development
of new solutions. Making it easy to use is
the first step but ensuring that end users
test it and provide their input is a critical
second step before release.
So keeping it simple and consistent
while supporting – not interrupting – the
end user is the way to get the best out of
the partnership.
Making it easy to
use is the first step
but ensuring that
end users test it and
provide their input
is a critical second
step before release.
Issue 17
|
www.intelligentciso.com