How does User Experience impact software security?
Software security and User Experience Design are topics that attract a lot of discussion in tech media, but they are not often discussed in the increasingly important ways that they overlap. Aside from news coverage about high-profile cyber breaches, software security isn’t as fashionable to talk about as user experience, or “UX”.
The rift between the two topics is understandable when you take into consideration the way they’re typically discussed. Software security is riddled in technical jargon that is best understood by engineers and developers, whereas the highs and lows of software interaction experiences are often covered in mainstream media.
Although there is a rift in knowledge, the way we approach usability is key to bridging the gap between the security community and everyday users. Here are three points both software providers and the businesses that purchase software should consider:
1. Competition is everywhere
With cloud services taking advantage of the interconnected nature of the Internet, user-friendly applications are available to almost everyone, anywhere in the world. If your professionally designed software is overly technical or offers a lesser experience when compared to similar free services (like file sharing), users will shift to the software that is most accessible to them. This is known as psychological acceptability, where users or employees gravitate toward the insecure service alternative if the secure service is too difficult to use.
2. Implementing usability in security features
Another consequence of asking users to implement difficult security features is it increases the likelihood that users will make a mistake or drop the protections completely. Software providers can enhance the usability of security features by integrating how users intuitively visualize implementing their security. Stemming from the principle of psychological acceptability, security feature interfaces need to be easy to use to avoid user mistakes in their application. This leads to a design focused with the end goal in mind – seamless, easy to implement security protections.
3. Secure Default Settings
“Secure by default” is another secure design principle that’s relative to usability, which states that a system should default to the most secure state possible. However, software vendors have traditionally tried to make software more usable by disabling security features in the default configuration.
Another secure design principle is “secure by default” – meaning that the default settings should be the most secure settings possible. However, to make software user-friendlier, designers are disabling security features in the default settings all together, meaning that users have to opt-in their security features to secure their systems.
This kind of non-user-focused security is not only difficult to understand, it is often tedious to scale and maintain, encouraging users to find workarounds. For example, if users need to consistently make complex passwords for a variety of systems, they will resort to using the same password across all systems.
To be effective, software providers need to invest in both security and usability from the beginning of the design process, allowing today’s best practices in each area to inform the other.
If you’re looking for a large file transfer solution that is built with high-grade security and usability in mind, try Media Shuttle for free.
Media shuttle offers the advantages of a SaaS solution that users want (user-friendly, world class performance and familiar web interfaces) as well as cost-effective technology that scales to business needs. Media Shuttle’ hybrid SaaS design also allows Signiant to implement top tier security measures.