YOU ARE AT:Uncategorized2014 Prediction: The rising conflict between ease-of-use and security

2014 Prediction: The rising conflict between ease-of-use and security

Editor’s Note: With 2014 now upon us, RCR Wireless News has gathered predictions from leading industry analysts and executives on what they expect to see in the new year.

Let’s face it: when it comes to getting something done, most of us choose the path of least resistance, opting for the easiest route to an end goal rather than a more complicated, yet less risky method. This is especially true when it comes to data security. From personal to business, the amount of data we manage is mind-boggling. Unfortunately, this is causing a conflict between ease-of-use and security. We are creating more data on more devices and because users have information everywhere, keeping it secure is difficult. We already see some of this today, but this is an issue that is going to become much more prevalent in 2014 and beyond.

Consumers rely on smartphones and tablets more than ever before. While mobile phones were once used simply as a means to communicate, today they carry sensitive information, from personal contact information to access to financial accounts to work data.

Imagine the chaos could ensue if a thief happens to get his hands on all that data. And the data probably isn’t especially hard to steal. Any security system is only as good as its weakest link, and humans are the weakest link of all. Despite best intentions, devices are constantly left in cars, at restaurants, in the seat pocket of a plane, on a conference room table and just about every other place you can imagine.

Despite the fact that people recognize mobile security is an important issue, only 44% of people set a personal identification number or a passcode on their phone. For many, it’s an issue of time. The time it takes to set the pin, as well as input it every time the phone is checked seems to be a burden on users who choose to forgo the security step. This conflict between security and ease of use is really coming to light as more organizations and employees struggle with keeping their data safe on multiple devices, in multiple locations.

Organizations have an obligation to keep data safe while also ensuring ease of use for employees. According to reports, more than 80% of employed adults use some kind of personally-owned electronic device for work-related functions. Security needs to start from within the device as more and more users check their work email while standing in line at Starbucks or waiting for a flight – in plain sight of other people and vulnerable to hot spot attacks. While it’s a compelling for users to use the downtime to scroll through emails and work their to-do list, there needs to be a security context in place especially if they are connecting to a company network. Dual-authentication is a practice here that should be more widely adopted as it could keep users from succumbing to nosy neighbors looking over their shoulder as they answer an important email from their boss. In general, basic measures will need to be put in place to protect the employee and their employer if a personal device (and all that data) falls into the wrong hands.

So what needs to be done to solve this issue? In all honesty, personal device security boils down to human behavior and that is a hard “issue” to solve. For now, what we need are for security precautions to be extremely simple and not time-consuming. Although a bit controversial since it’s announcement, Apple’s Touch ID is a good example of how the security industry can move forward and make sure users are keeping security top of mind. If biometrics are what we need to solve this issue, then so be it. For an IT executive (and their department) that means knowing what applications employees are using and how to secure them at a departmental level. It will be interesting to see what new technologies and processes are put in place in the coming year as security issues continue to rise, and whether or not we hit the tipping point that convinces users to adopt the security practices they need to keep themselves safe.

ed_about_execs_moore

Paul Moore is co-founder of Centrify and serves as its CTO, where he provides the technical vision for its award-winning software and cloud security solutions. Prior to Centrify, he was VP and Principal Architect for next-generation storage management products at Computer Associates, and prior to Computer Associates Moore was CTO of Netreon. Prior to Netreon he was a Program Manager in Microsoft’s Windows 2000 development group, where, among other things, he drove the integration between Active Directory and the Windows 2000 enterprise print subsystem. Moore holds a Bachelor of Science degree in Math and Physics from the Open University, Milton Keynes, U.K., and is a fellow of the Institution for Analysts and Programmers in the U.K.

ABOUT AUTHOR