Wednesday, June 25, 2008

The Road to Safety

One of the biggest challenges with any security product is trying to find the proper balance between security and usability. The two goals often seem at odds with one-another; after all, for each thing you make possible, you may open a door for exploitation. We made it a priority at the beginning of the SafeCentral project NOT to sacrifice the security of our solution, so we've been tirelessly seeking ways to provide a seamless experience without softening the security promise. The suspend/resume functionality I previewed earlier (now in the live build), is an example of that. We provided the ability for SafeCentral to seamlessly co-exist with your other applications/activities, without inviting the weaknesses of those applications into our safe environment.

We've achieved similar success with a new browser plug-in feature, that actually INCREASES the security of our product by offering configurable alerts to the user when the site they're trying to visit might warrant the extra safety of SafeCentral. The same framework can be used to prevent phishing, by filtering URL's against known phishing sites. The great thing about this function is that it doesn't alter or weaken the security of the SafeCentral environment in exchange for simplicity, but provides the user with a completely seamless experience that makes SafeCentral a part of their normal workflow. I like to think of SafeCentral as the secure companion to your everyday browsing, and nothing makes that companion easier to access than this plugin feature.

As a self-described technology geek, I'm often asked by friends, neighbors and relatives for advice on what electronics to buy. One of the most common requests is which camera to get. I've read the reviews, tested various units, and formed plenty of opinions about the features that I think matter most. However, I often recommend a camera with lower resolution, fewer features, and other sacrifices. Why? Because "the worst picture you can take is the one you never take". Which is my way of saying that features and image quality are great, but if you don't have your camera with you because you can't stand lugging it around, all of those features aren't going to matter. So, get the small one that fits in your pocket. The same principle applies to security software design; the only security that matters is the security that you use.

So, we've gone to great lengths to provide many 'on-ramps' to the SafeCentral experience: the Programs menu, desktop icons, the taskbar, your normal browser and more all can invoke a SafeCentral session. As a user, that means you'll have the option to enter the safe environment whenever the whim, need, or opportunity arises, without having to remind or retrain yourself to do it. That, more than anything, is the most powerful form of security: security you'll use.
The attached video previews the plugin function; I welcome comments and look forward to its release in our July build.

No comments: