Security is Product Management: A Podcast with Nadav Benbarak
Our very own Nadav Benbarak recently sat down with Alpha UX’s Mike Fishbein for his “This is Product Management" podcast series to share his perspective on security opportunities, balancing user experience with security and what organizations can do to be more secure.
You can the find entire podcast below – but if you don’t have 30 minutes to listen in full, here are five highlights:
1) Make It Secure By Making It Easy: Making sure the right people have access to the right things at the right times is a tangible problem and one many companies run up against each day. While everyone acknowledges the problem, it’s much harder to solve. Because most people have hundreds of applications – and limited mental capacity – there’s a natural tendency to reuse passwords, inherently making everything less secure. There is a big opportunity for companies to apply new forms of authentication to reduce the burden on users and make security, not only usable, but also effective.
2) Establish Trust Above All Else: All software providers are actually in the security business – one that’s predicated on trust. Transitioning company data from proprietary data centers where organizations physically control and maintain those assets, and allowing another company to house it elsewhere, is a big deal for IT. As large organizations continue to adopt cloud software (remember, only about 10 percent of enterprise software spend is SaaS), demonstrating sound security practices to customers is essential.
3) We’re All In This Together: Whether targeting enterprises or consumers, everyone needs to think about building security into applications. Low assurance products that don't claim to offer security have a major responsibility to be secure. They may seem innocuous and inconsequential in the grand scheme of things, but they’re subject to being breached or exploited to access and use login information elsewhere.
4) Modularize Your Approach To Security: Product management is a very collaborative discipline. One example of this within Okta is our team of security matter experts that reviews, audits and tests all engineering practices and output. That shared service also allows us to create modular services that others can reuse to move quickly, but also allows us to infuse that security know-how across our offering.
5) Keep Your Eye On Mobile Security: Put simply, companies are failing to make mobile devices secure. In fact, the focus on securing device versus users themselves is a problem in itself. And while Android and iOS are the two front-runners in the enterprise market, and both are making significant investments in security postures, there’s a long way to go. Once crevices start to appear, new battles will be played out, creating opportunities for new innovation and opening up new customer segments that aren’t served by existing players. Think Nadav is on to something? Want to hear more for yourself? Head to iTunes to download the podcast or listen on SoundCloud below. [embed]https://soundcloud.com/tipm/015-security-is-product-management[/embed]