Sustained outflow of foreign funds and an upward momentum in the crude oil prices weighed on the local unit, forex traders said

Total income rose to ₹14,871 crore in the quarter under review, from ₹13,530 crore in the same period a year ago, IndusInd Bank said in a regulatory filing

The rupee rises slightly against dollar amid strong dollar and foreign fund outflows; RBI intervention expected to support local currency

Meanwhile, the dollar index, which gauges the greenback's strength against a basket of six currencies, was trading 0.08% lower at 103.91

Muhurat trading is a one-hour, symbolic trading session conducted by stock exchanges on the occasion of Diwali, marking the start of the new Samvat year.

Rupee recovers slightly against U.S. dollar amid election uncertainty, FII outflows, and volatile global markets

Police suspect previous enmity to be the reason behind the incident

The Nilgiris district administration said that owing to work on the new Kundah hydro power house in Kattukuppai, water stored in the Emerald Dam will be released

Forest Department officials said the fishermen who were involved in rescuing the Dugong would be felicitated and rewarded

SASTRA’s the School of Arts, Sciences, Humanities and Education, in collaboration with Sahitya Akademi, organises seminar on the celebrated playwright in Thanjavur

The removal of the footpaths will help increase the width of the carriageway at points where lanes on either side of the median will be barricaded

The star also requested his fans, members of the film fraternity, media, party cadres and ‘fellow Indians’ to refer to him ‘simply as Kamal Haasan or Kamal or KH’

The loss to one section of women has been overlooked in the euphoria over the gain to another section, says Justice N. Seshasayee

He expressed concerns over the future of a section of students and youth who were allegedly involved in using and selling such banned substances

BJP’s Tamilisai Soundararajan says that it is not necessary that only parties with similar ideologies should form an alliance

The funds are to be utilised for the implementation and monitoring of an environmental and social management framework for flood protection work in Chennai, Tiruvallur, Chengalpattu, and Kancheepuram districts

Divya Sasidharan calls into question the trade-offs often made between security and usability. Does a secure interface by necessity need to be hard to use? Or is it the choice we make based on years of habit? Snow has fallen, snow on snow.

Security is often synonymous with poor usability. We assume that in order for something to be secure, it needs to by default appear impenetrable to disincentivize potential bad actors. While this premise is true in many instances like in the security of a bank, it relies on a fundamental assumption: that there is no room for choice.

With the option to choose, a user almost inevitably picks a more usable system or adapts how they interact with it regardless of how insecure it may be. In the context of the web, passwords are a prime example of such behavior. Though passwords were implemented as a way to drastically reduce the risk of attack, they proved to be marginally effective. In the name of convenience, complex, more secure passwords were shirked in favor of easy to remember ones, and passwords were liberally reused across accounts. This example clearly illustrates that usability and security are not mutually exclusive. Rather, security depends on usability, and it is imperative to get user buy-in in order to properly secure our applications.

Security and Usability; a tale of broken trust

At its core, security is about fostering trust. In addition to protecting user accounts from malicious attacks, security protocols provide users with the peace of mind that their accounts and personal information is safe. Ironically, that peace of mind is incumbent on users using the security protocols in the first place, which further relies on them accepting that security is needed. With the increased frequency of cyber security threats and data breaches over the last couple of years, users have grown to be less trusting of security experts and their measures. Security experts have equally become less trusting of users, and see them as the “the weakest link in the chain”. This has led to more cumbersome security practices such as mandatory 2FA and constant re-login flows which bottlenecks users from accomplishing essential tasks. Because of this break down in trust, there is a natural inclination to shortcut security altogether.

Build a culture of trust not fear

Building trust among users requires empowering them to believe that their individual actions have a larger impact on the security of the overall organization. If a user understands that their behavior can put critical resources of an organization at risk, they will more likely behave with security in mind. For this to work, nuance is key. Deeming that every resource needs a similarly high number of checks and balances diminishes how users perceive security and adds unnecessary bottlenecks to user workflows.

In order to lay the foundation for good security, it’s worth noting that risk analysis is the bedrock of security design. Instead of blindly implementing standard security measures recommended by the experts, a better approach is to tailor security protocols to meet specific use cases and adapt as much as possible to user workflows. Here are some examples of how to do just that:

Risk based authentication

Risk based authentication is a powerful way to perform a holistic assessment of the threats facing an organization. Risks occur at the intersection of vulnerability and threat. A high risk account is vulnerable and faces the very real threat of a potential breach. Generally, risk based authentication is about calculating a risk score associated with accounts and determining the proper approach to securing it. It takes into account a combination of the likelihood that that risk will materialize and the impact on the organization should the risk come to pass. With this system, an organization can easily adapt access to resources depending on how critical they are to the business; for instance, internal documentation may not warrant 2FA, while accessing business and financial records may.

Dynamically adaptive auth

Similar to risk based auth, dynamically adaptive auth adjusts to the current situation. Security can be strengthened and slackened as warranted, depending on how risky the access point is. A user accessing an account from a trusted device in a known location may be deemed low risk and therefore not in need of extra security layers. Likewise, a user exhibiting predictive patterns of use should be granted quick and easy access to resources. The ability to adapt authentication based on the most recent security profile of a user significantly improves the experience by reducing unnecessary friction.

Conclusion

Historically, security failed to take the user experience into account, putting the onus of securing accounts solely on users. Considering the fate of password security, we can neither rely on users nor stringent security mechanisms to keep our accounts safe. Instead, we should aim for security measures that give users the freedom to bypass them as needed while still protecting our accounts from attack. The fate of secure systems lies in the understanding that security is a process that must constantly adapt to face the shifting landscape of user behavior and potential threats.

About the author

Divya is a web developer who is passionate about open source and the web. She is currently a developer experience engineer at Netlify, and believes that there is a better workflow for building and deploying sites that doesn’t require a server—ask her about the JAMstack. You will most likely find her in the sunniest spot in the room with a cup of tea in hand.

More articles by Divya

Designers must create new templates that suit their creativity instead of allowing the market to set the pace for them, says Sabyasachi Mukherjee, who will present his collection at the finale of Lakme Fashion Week.

Celebrating Onam and don’t know what to wear and how? NEETI SARKAR gets fashion gurus to give you a few fashion tips

November 19 was International Men’s Day and the Movember Foundation is urging guys to keep moustaches and beards to create awareness about several issues

As gifting and dressing up for the festive season begins, consumers are increasingly looking at sustainable, environment friendly choices

It was the effort of four photographers, 14 models, and three stylists, and was shot at four locations

Designer Neeta Lulla on the fairytale-like silhouettes for Samantha Ruth Prabhu’s mythological romance drama ‘Shaakuntalam’

Brimming with cut outs, panels, thread piping and embroidery, Biskit’s new collection explores the human mind

Hair stylist Jawed Habib talks about his new book ‘Beautiful Hair, Beautiful You’ and says, despite the information overload pertaining to hair care, he observes a general lack of awareness

What’s cool this summer

Cold pressed juices are the latest health fad to hit Bengaluru. Nikhil Varma takes a sip.

Ruslaan Mumtaz tells us what all he does to have lean and fit body

Running can be injury free and effortless if one is conscious of his/her running form (body mechanics)

The customs duty cut on gold, silver and platinum will certainly bring down production costs in this thin-margin industry, helping Indian exports gain competitive edge in the global market

Population as well as economic activities in vulnerable areas should be kept to a minimum. Yet, governments have promoted the opposite, including tourism

SEBI has calculated net primary and secondary market investment in equity and debt based on actual data at its disposal

States can benefit from GST rate rationalisation

Tech advancements have made it possible for satcom players to offer seamless broadband connectivity directly to the users’ smartphones, bypassing traditional cell towers

Confident of sustaining Q2 bottomline growth performance in remaining quarters this fiscal 

YES Bank targets 17-18% deposit growth, loan growth of 13-14% in FY25; CEO Prashant Kumar says this can be the ‘right time’ to acquire an MFI

RBI is in no great hurry to immediately announce a nationwide rollout of the central bank digital currency (CBDC)

Festival season spending aided the 45 per cent y-o-y rise in October UPI transactions

Bank prepared for Canara Robeco listing in Q4