Security and the Path of Least Resistance
Physics says that the path of least resistance is generally the one that most people take. If we contextualize this by looking at how humans have evolved, adapted and figured out how to survive, it’s easy to understand why. Like any other living creature, we had to conserve energy when we could in order to hunt effectively. We take shortcuts because they are more efficient and use up less energy and fewer resources.
Today, the situation is somewhat different. We’re often encouraged to take the path of most resistance based on the simple fact that many of the greatest accomplishments and tasks have taken significant time and effort.
The advent of technology is one. Ironically, man has worked tirelessly towards technological developments with the aim to make jobs easier and less tiring. Laptops to printers, cloud security to big data analytics – these breakthroughs have become very handy tools for the business owner and have had significant impacts on productivity, performance, profitability and time.
Cumbersome technology fails
We recently did some research into the security practices of financial services professionals in the UK. The goal was to analyse the use of secure communications, following recent high profile data breaches like TalkTalk and WH Smiths. Almost 60 per cent of respondents admitted that they found their current solutions cumbersome and difficult to use. This perception increased even further when we drilled down into the mature employee category. Over 63 per cent of those aged 45 and over found their email security solutions challenging to navigate.
These findings take us back to our ancestral ways of thinking: the need to make life easier. If email security solutions – or any other technologies – are too complicated, employees will almost certainly find easier means to complete a task. In this scenario, security is the ball that is dropped. Not a week goes by without some kind of assault on an organisation led by malicious criminals. Insider threats also keep senior business leaders awake at night. A recent PwC report in the US found that 32 per cent of respondents consider insider threats to be costlier and more damaging than external incidents.
User experience drives adoption
In 2014, email was the top communication channel with 35 trillion messages sent, so what should businesses do to protect this goldmine of information?
User experience is key. Too often it is ignored by businesses during the development stage of new solutions, or underestimated by focusing on the technology rather than educating the user. If you roll out a tiresome, unmanageable solution, no matter the level of encryption it provides, this will encourage workers to find a less secure workaround that puts your business, your employees and your customers at risk.
Making the effort to build features that facilitate user education and ease of use is vital. By automating decisions around securing content, businesses can remove the risk of human error entirely. For example, a ‘secure now’ button in an email that simplifies the process of encryption while reducing vulnerability, places little to no reliance on the end user and will facilitate higher adoption rates. This, combined with an extra layer of intelligence at the perimeter which scans all email against security policies, will add essential reinforcement to IT infrastructures.
If employees don’t have an experience that meets their needs and requirements, they will almost certainly disregard process and search for another technique to get the job done. Resource-constrained companies need solutions that will be easy to implement and manage. By offering users choices, not limitations, you dramatically improve experience, productivity, and operational efficiency.
To learn more about how you can seamlessly integrate email encryption into your environment while driving performance and customer-centric experience:
By Greg Aligiannis, Senior Director of Security at Echoworx