Design for security
What insights do we gain if we apply user experience design to information security? Serena Chen shares four strategies that apply design thinking to security problems, pinpointing which practices work and which are detrimental. Serena then walks you through some common flows and dissects how design decisions affect your personal security.
| Talk Title | Design for security |
| Speakers | Serena Chen (BNZ Digital) |
| Conference | O’Reilly Velocity Conference |
| Conf Tag | Building and maintaining complex distributed systems |
| Location | San Jose, California |
| Date | June 12-14, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Today, the internet owns our lives. Every website and app we touch knows us: our personal information, our inane ramblings, our deepest secrets. Security has never been more crucial, yet it’s a rare topic outside of ISM teams and hackers. And through the design lens, it’s completely missing. This is a mistake. There’s a misconception that security is a niche for masterminds. In the real world, most security breaches don’t come from 0days or neat hacks. In fact, most errors are human—simple scams that have worked since society began. This is where design fills a missed opportunity. Good user experience design is necessary for good security. We can craft paths of least resistance that match paths of most security. We can educate our users on what is good practice and what is security theater. We can build secure flows that are usable, not obstructive or annoying. Serena Chen shares four strategies that apply design thinking to security problems, pinpointing which practices work and which are detrimental. Serena then walks you through some common flows and dissects how design decisions affect your personal security.
