Why usable security should drive your decision in selecting a PAM tool
Nicole Sundin
What is usable security?
At Delinea, ease of use has been a consistent focus with our products, but we have started to use the term usable security more frequently. Usable security is much more than a Delinea marketing term. Usable security is an academic field of study that evaluates the usability of computer security. We believe that our focus on this concept differentiates us from our competitors.
Usability must be tied to security to create a truly secure product
For the past 20 years, researchers have been studying how users interact with security products with a strong focus on users’ behaviors with passwords and authentication. This area of research has been extremely important to our UX and Product Team as we redefine the Delinea user experience and study how users interact with our products.
Why focusing on usable security is important
When a product is purchased and turns out to be difficult to use, the result is often low or no usage, or even worse there can be a complete lack of adoption. This can be detrimental for security products, not to mention a waste of valuable funds. For many years, usability was an afterthought in security products with little attention paid to how many interactions or how difficult it was to complete a task because security in and of itself was more important. However, we know today that usability must be tied with security to create a truly secure product. This is illustrated perfectly by researchers at DHS.
“Security must be usable by persons ranging from non-technical users to experts and system administrators. Furthermore, systems must be used while maintaining security. In the absence of usable security, there is ultimately no effective security ¹.”
At Delinea, we ensure that usability and security go hand in hand to increase adoption and decrease mistakes while interacting with the product.
How Delinea does it and why we lead the market
A Deep Understanding in Human-Computer Interaction and Usable Security. Unlike many UX teams in the security industry, our team is highly trained in human-computer interaction (HCI) and its subfields like usable security, computer-supported cooperative work, and information design & retrieval. We are constantly looking at research in these fields, from conferences like SOUPS and SigCHI, to understand their findings and how the findings can be applied to our products. Utilizing others’ research and embracing these concepts allows the team to look at our products through a different lens and builds understanding about how to craft a user experience that best serves our customers.
User Testing & Iterative Design. User testing is the foundation of our UX program. We are invested in user testing our designs and engaging our customers to make sure new features and designs meet our customers’ needs. It is a vital component to creating a user experience that is both flexible and frictionless. This year alone we have engaged with more than 100 customers using multiple testing methodologies, such as semi-structured interviews, think-aloud protocols which guide the user through tasks, and questionnaires. We use all this data to refine our designs to ensure we bring the most usable products to the market.
It’s been an exciting year at Delinea with the release of the new Secret Server user interface and we have a lot of new features and designs coming out in the next couple of quarters that we think will be very valuable to our customers.
Nicole Sundin
Director of UX and Product Management
1 US Department of Homeland Security. 2009. A Roadmap for Cybersecurity Research. (Nov. 2009). http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf.
If you’d like to experience usable security first hand, download a free trial of Secret Server:
IT security should be easy. We'll show you how