Why isn’t cybersecurity more user-friendly?
Sort by:
We have to make sure that we've got secure products and sometimes the one thing that destroys the customer experience is security. Sometimes companies don't really think about how disruptive security can be to that customer experience, which amazes me.
For example, there is a brand new, online robo advisor that I use and one day I tried to log in through their mobile app. I put in my user ID and password; it sent me a two factor code and then told me my username and password were incorrect. So I went back and reentered it over and over and nothing worked. I finally reset my password and tried it again but it still didn't work. About a minute later, an email comes in that says, "We're changing our authentication mechanisms. That code we sent you was a password. Please use that in place of your actual password. This will be our authentication mechanism moving forward." I thought, "Who the heck designed this?” It was the craziest thing I've ever seen.
I get as frustrated as everybody else in situations when you have to deal with trying to get back into a system. I went through that with Norton when LifeLock and Norton came together. I lost everything in my vault—now what? I’d written the vault password down because you can't put another system into your vault password. With that setup, something will be compromised somewhere. And then if you do something wrong, you and your vault are done. There's got to be a different way.
In the past, it was a necessary evil. Security was very difficult unless the product was easy to use and I can't think of any product that really was. They were basically mandated. You’d say, "You will use it or else."
Now I see much more willingness to follow the rules and the security, both from consumers as well as enterprise users. And it's primarily because so many breaches have been publicized that the business and personal impacts are much better understood. People are willing to accept some inconvenience to get a bit more protection and security. But I would say that security products are still not easy to use.
There are some examples I’ve found that are exceptions, which are primarily on the brand reputation and threat. Consumer-type products like Insight were easy for us to use; we deployed Insight in a number of companies I've been associated with. But in general, cybersecurity products are very complex. As a result of that, they're not as intuitive and as user-friendly as e-commerce or other examples of technology products.