Home > Resources > Articles > Defense in Depth: User-Centric Security

Defense in Depth: User-Centric Security

It’s impossible to create a security system that removes the user from the equation. They are integral and they have to be part of your security program. Security is defined by the individual. The minimum expectation you can have of your users is that they’ll operate in good faith. Avoid complexity because as soon as it’s introduced it drives problems everywhere. Instead, keep asking yourself, how can I make security more usable?
Individuals are suffering from alert fatigue. If you’re going to send an alert to a user, make it relevant and actionable. And always be aware that your security alerts are not the only alert the user is seeing and deciding or not deciding to take action on. Think about all the alerts you completely ignore, like the confidentiality warning in a corporate email.

Become a contributor

Defense in Depth: User-Centric Security

Spotlight

RELATED ARTICLES

Protection vs Privilege

The NIS2 cyber security rules are coming – are you ready?

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Protection vs Privilege

The NIS2 cyber security rules are coming – are you ready?

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry