Home » Digital Security » Enhancing Security Measures While Maintaining a Positive User Experience
Digital Security

Enhancing Security Measures While Maintaining a Positive User Experience

Stan Black, chief of security and information officer at Citrix, explains why user experience is key to securing applications and data.

Stan Black

Chief of Se Officer,

Why is the user experience so important to security?

The challenge is a historic one, coming from a time when security wasn’t a top priority for businesses. This has to change. Overly restrictive security can lead to a poor user experience because it puts strict limits on what users can do, hindering their productivity. Work is done everywhere, so we have to enable users to be productive on the device, network, cloud and from the location of their choice. If we don’t, users will go around security policies and inadvertently expose sensitive applications and data to potential loss or theft. By giving users the tools they need to do their job, we can dramatically reduce the available attack surface.  

Why is complexity the enemy of security?

Complexity expands attack surfaces and makes proper cyber hygiene almost impossible for complex, siloed technology teams. They can never keep up. Reducing the complexity of your infrastructure is key to improving user experience and reducing risk. Removing complexity gives us more visibility to identify and remediate potential threats, create smarter policies that learn from our behavior and reduces the number of “soft spots” where attackers might be able to gain access. 

 Name three things all businesses should to do to provide the most secure and positive experience.

We’re seeing more and more add-on tech that promises to solve things like data loss or malware. First, understand what your business functions and employees need to get their work done, and make sure security and IT can enable those tools. Second, take inventory of what you have. If you don’t know what you have, how can you protect it? Finally, businesses should be looking for solutions that solve challenges big and small. This way, they can remove outdated layers and replace them with services that solve multiple business challenges and simplify the infrastructure so it’s easier to find threats faster.

Next article