How are you thinking about user experience (UX) in the context of security? Is it a priority?

2.2k views7 Comments

CISO in Software, 51 - 200 employees
I'm trying to balance the end user experience but we're a security company, so we have to be painfully secure. And it's painful for the end users. People hate getting logged out of Slack every single day and then forcing it through Okta, etc., but we have to do it.
Director of Product Engineering & IT in Software, 51 - 200 employees
It’s always a balance to make sure that your website is secure without making the security too cumbersome. 

But most users are familiar with the hoops that they’re required to jump through now (reCaptcha, MFA, challenge questions, etc).  So you’re always better off to err on the side of security as long as you communicate to end users the  expectations in a clear and graphically pleasing way. 
Director of IT in Manufacturing, 201 - 500 employees
It is a priority even though it might be uncomfortable for the users; the key is to take real life examples of why we are doing it.
Director of IT in Software, 51 - 200 employees
I think yes, Well designed UX can play a role in the context of security, But it's not a priority.
Head / Vice President - Technology Solutions in Software, 51 - 200 employees
Security is always a priority.  However when it comes to UX, the design part may not have direct impact of it but we try to make sure that the data entry fields and other UX elements don't have any data leaks or compromises.  
Systems Senior Director, Information Technology in Retail, 10,001+ employees
Security is always a priority.  While needless to say, UX is important, I find most users will tolerate some inconvenience if they feel it is for the protection of their information.  In my opinion,  they may actually even appreciate even up to moderate inconvenience if the UX is for something highly sensitive and critical such ad financial/banking and healthcare information.  I know I do
Head of IT in Finance (non-banking), 11 - 50 employees
I see good UX as a top priority in security. There are too many cases where one tried to increase security but did not consider the user experience. Be it data, privacy, or access protection only really works when it is designed to be used easy enough for us humans. For example, making the access procedures more complicated with captchas can have a negative effect - when these captchas for example are easier/faster solved by machines than by real humans.

Content you might like

crowd strike38%

sentinel one56%

carbon black5%




CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
46.4k views133 Upvotes324 Comments

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.30%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.53%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.12%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).3%


9.2k views9 Upvotes1 Comment