Consider digital security from the very start
Security and user-friendliness do not have to be mutually exclusive. On the contrary: If security is a consideration right from the start when developing new IT products according to the ‘Security by Design’ principle, it can represent a value in itself, says genua Managing Director Marc Tesch.
Security as a trust anchor in the digital world
As soon as the opportunities of ever-greater connectivity and automation are mentioned, the risks of digitalization are the next thing on the agenda – as if it were an inextricable contradiction. But this view falls too short.
For many, security is initially a negative need: It only becomes important when something has been threatened. Up to this point, security is often seen almost reflexively as a restriction of freedom. What complicates matters more is that further development, especially in IT, is progressing faster than anything mankind has ever experienced before. In the case of digitalization, this usually leads to security being retrofitted in systems, like in a patchwork carpet, and fitted as a foreign object.
The consequences of this were recently demonstrated by Meltdown and Spectre, massive security vulnerabilities that affected almost every modern computer. A common practice for increasing computer performance proved to be a security risk – and to a shocking extent. Security in the digital world is apparently not always taken into account from the very beginning. The focus is on performance, connectivity and new applications.
Consider security as a value in itself
Yet in the digital world, security must be seen as a value in itself – as an anchor of trust and a business enabler. In our new world of work, secure mobility solutions allow people to work more flexibly and to reconcile family and career in a society that is always ‘on’ – while keeping risks for entrepreneurs and users as low as possible.
The potential of the fourth industrial revolution, i.e. Industry 4.0, can only be tapped if data communication solutions and clouds offer more freedom for cooperation between companies combined with security, for example, by preventing the outflow of sensitive business data. If we look at crypto Trojans or possible disruptions in energy supply, we see that insecure connectivity is a threat to real values.
Usability as a prerequisite
The order of the day is therefore ‘Security by Design’: Only solutions that are transparent, secure and therefore trusted for the user right from the start can create new freedoms. But they will only be used if they are also user-friendly. The best example of this is end-to-end encryption in e mail traffic or popular messenger services. Users only get involved if IT security is not disruptive and does not require any additional steps. A lack of usability turns out to be the biggest security risk here.