Total Tests:

How to keep employees happy and safe, and marry security with user experience

By Keumars Afifi-Sabet for IT Pro
Tuesday, October 17, 2023

Zero trust has become the go-to cyber security policy in the modern enterprise, moving from a buzzword to one of the foundational principles of digital transformation – a meteoric rise in just a few short years. And for good reason, given the scale of threats that emanate from inside the business – with user error among the weakest links.

How to guarantee a streamlined employee UX

There’s no good in implementing technical controls, says Dr Ilia Kolochenko, a cyber security and cyber law expert and CEO of ImmuniWeb, without adequate training. “Technical controls will bring more harm than good if implemented without proper education of end users.

“Users deserve friendly training that would convincingly explain why all these security controls – that most users may reasonably perceive rather as a hindrance – are really needed to protect their company, their colleagues, and even themselves.”

He says once they accept that such controls are needed, even more training is needed to convey how to use them efficiently. Some businesses, he warns, may be tempted to impose technocratic training – but it really pays to offer some kind of reward for engagement, such as company-wide recognition in some way.

“Security awareness is a continuous process, not an ad-hoc exercise,” he continues.” Therefore, companies really need to regularly conduct training and drills, and even organize year-long competitions, for instance, the person who spots the highest number of phishing emails will get a valuable prize, while other top 10 reporters will get some financial bonuses.

The best approach is to understand the needs of end users, he concludes, and to make sure all their requirements to use digital equipment are met. “And then,” he adds, “implement full automation for everything, while making sure that security controls cannot be bypassed or at least such attempts are detected and contained in a timely manner.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential