SUBSCRIBE
121
0
Security

Better security decision through better design

Security is not always about zero day attacks, buffer overflows and cyber espionage rings, according to Chester Wisniewski, senior security advisor at Sophos Canada.  Working on usability and developing better user experice is critical as well in his line of work.

Software designers and security experts, he said, also spend a great deal of time and effort figuring out how to present information in the right way so that users can easily understand them and actually use them to make better decisions.
 

For instance, when Wisniewski was assigned to help in designing the Sophos Email Appliance, he was asked by his bosses to represent the user in the process.

The technical details of how technical support and auditing could be provided were still worked out, he said in a recent post on the Naked Security blog site. However, the developers spent an equal amount of time figuring out how the product would actually work for an administrator.

RELATED CONTENT

Creating a new mobile user experience with BlackBerry Z10
User experience gauges IT success

 
Adam Shostack of Microsoft Corp., in his presentation at the BSides security conference in Vancouver last week, demonstrated a NEAT idea of how developers can SPRUCE up their coding, according Wisniewski.
 
 
NEAT and SPRUCE are actually wallet cards that developers carry around and refer to when designing security prompts.
NEAT and SPRUCE are acronyms that “remind them to think carefully about all the aspects involved,” said Wisniewski.

These flash cards are something that developers in your organizations might find useful as well.


Read the whole story here

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Previous article
Samsung exec slams Windows 8
Next article
Canada 9th in cloud regulations: Industry group

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...
Read more

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...
Read more

Related Tech News

Tech Jobs

Subscribe to our Newsletter

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

SUBSCRIBE

Tech Companies Hiring Right Now

Popular Stories This Week

ITWC Network

Follow Us

©

2024

IT World Canada. All Rights Reserved.

SUBSCRIBE