+1-202-802-9399 (US)
The Lockdown

Thycotic’s Cyber Security Blog

Why Usable Security Should Drive Your Decision in Selecting a PAM Tool for Your Organization

mm

Written by Nicole Sundin

November 5th, 2019

What is Usable Security

At Thycotic ease of use has been a consistent focus with our products, but we have started to use the term Usable Security more frequently. Usable security is much more than a Thycotic marketing term. Usable security is an academic field of study that evaluates the usability of computer security. We believe that our focus on this concept differentiates us from our competitors.

Usability must be tied to security to create a truly secure product

For the past 20 years, researchers have been studying how users interact with security products with a strong focus on users’ behaviors with passwords and authentication. This area of research has been extremely important to our UX & Product Team as we redefine the Thycotic user experience and study how users interact with our products.

Why Focusing on Usable Security is Important

When a product is purchased and turns out to be difficult to use, the result is often low or no usage, or even worse there can be a complete lack of adoption. This can be detrimental for security products, not to mention a waste of valuable funds. For many years, usability was an afterthought in security products with little attention paid to how many interactions or how difficult it was to complete a task, because security in and of itself was more important. However, we know today that usability must be tied with security to create a truly secure product. This is illustrated perfectly by researchers at DHS.

“Security must be usable by persons ranging from nontechnical users to experts and system administrators. Furthermore, systems must be usable while maintaining security. In the absence of usable security, there is ultimately no effective security ¹.”

At Thycotic, we ensure that usability and security go hand in hand to increase adoption and decrease mistakes while interacting with the product.

How Thycotic Does it & Why We Lead the Market

A Deep Understanding in Human Computer Interaction and Usable Security. Unlike many UX teams in the security industry, our team is highly trained in human computer interaction (HCI) and its subfields like usable security, computer supported cooperative work, and information design & retrieval. We are constantly looking at research in these fields, from conferences like SOUPS and SigCHI, to understand their findings and how the findings can be applied to our products. Utilizing others’ research and embracing these concepts allows the team to look at our products through a different lens and builds understanding about how to craft a user experience that best serves our customers.

User Testing & Iterative Design. User testing is the foundation of our UX program. We are invested in user testing our designs and engaging our customers to make sure new features and designs meet our customers’ needs. It is a vital component to creating a user experience that is both flexible and frictionless. This year alone we have engaged with more than 100 customers using multiple testing methodologies, such as semi-structured interviews, think-a-loud protocols which guide the user through tasks, and questionnaires. We use all this data to refine our designs to ensure we bring the most usable products to the market.

It’s been an exciting year at Thycotic with the release of the new Secret Server user interface and we have a lot of new features and designs coming out in the next couple quarters that we think will be very valuable to our customers. If you would like to be involved in user research testing or have product feedback to share, please reach out to UX@Thycotic.com.

Nicole Sundin
Director of UX and Product Management

1 US Department of Homeland Security. 2009. A Roadmap for Cybersecurity Research. (Nov. 2009). http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf. 

If you’d like to experience usable security first hand, download a free trial of Secret Server:

IT Security should be easy. We’ll show you how.

Try Secret Server and experience how FAST & EASY
IT security products can be.

 

Like this post?

Get our top blog posts delivered to your inbox once a month.

SHARE THIS


The following two tabs change content below.
mm

Nicole Sundin

Nicole Sundin is the Head of Usability at Thycotic. She has 5+ years of experience working in the cyber security industry. Nicole is currently pursuing her PhD in Human-Centered Computing focusing on the intersection Information Visualization and Usable Security.