Balancing Security & Usability

The Tricky Balance between Security & Usability

There is an inherent conflict of interest between ease of use on the one hand and security on the other.

If use is made very open and easy, security will be low. If security is high, usability will be low. And let's not even start on connectivity and interoperability, as those may then look mostly impossible.

It is not realistic to expect that one can achieve maximum usability and maximum security at the same time. In basically all ecosystems, whether a product, service, building, city or community, whether physical or virtual/online, there will be a trade-off between security and usability.

Trade-offs

Example 1: Drones. It is not hard to hack a drone and watch the video streams it is broadcasting, as those feeds are, by design, meant to be easily accessible. Most feeds are totally open and unencrypted, even those of many military drones. This is because those drones try to make overhead video available to as many frontline soldiers as possible, including those who may not have all the security protocols available but desperately need the feeds. It is a classic security-convenience trade-off: ever since drones have been flying, they have been hacked by either side. This happened with US drones flying over Iraq, Israeli drones flying over Gaza, and so on.

Example 2: Email/Chat. Having to type in a password, prove you are not a bot by visually deciphering an image, and then type the code you received on your mobile phone because of two-factor authentication, just to access your email or chat, obviously results in a higher degree of security but an extremely low degree of usability.

Example 3: Castle Moat. Although it looks quite secure, especially with exposed grounds around the high-walled castle, there are very limited ways to get in or out. Furthermore, there is a total lack of connectivity between the castle and the surroundings. The same goes for building walls.

Open & User-Friendly Prevails, where possible

Shutting down a community or fully securing a building is not the answer, whether in the physical world or the digital environment, even though in some cases it may be necessary for a short while to get on one's feet again. In any case, the balance between security and usability is dynamic, with the prevailing goal of keeping things as open and user-friendly as possible. The goal is to minimize the possibility of threat scenarios as far as possible and to maximize the accessibility of usage scenarios. How to do so will differ from case to case and from time to time, but there are of course good principles to use and nurture.

A usable product, service, building, city and community will be one that minimizes errors, disasters and attacks, while secure products, services, buildings, cities and communities will aim at ensuring that undesirable actions are prevented or mitigated.

Dynamic Balance

This balance may be one of the most relevant and important questions of our times, both in our online and physical communities.

The hyperconnectivity that users are pursuing, demanding and being provided with, in fast-growing cities and communities anywhere in the world, together with cloud computing and the internet of things that truly connect humans and physical objects with global digital infrastructure and services, will surely mean that this balance becomes even more dynamic and needs to be continuously monitored and managed.

And remember: security + usability = durable user experience and trust.

 
