For just about any organization, there’s a balance that has to be struck between absolute security and absolute convenience. Seemingly, every new innovation that increases convenience also introduces new risks. On the other hand, every safeguard instituted can also create complexity, delays, or in some other way diminish the user experience. Either way, businesses are exposed, whether to the catastrophic consequences of breaches, or of an erosion of user productivity and customer retention.
For any enterprise operating in today’s digital world, navigating this tension between security and user experience represents an increasingly difficult balancing act.
How are companies balancing the competing demands of security and the user experience? A recent report draws on some research to provide a current examination of these topics. Produced by Dimensional Research and sponsored by Broadcom Software, the report is entitled How to Avoid Tradeoffs Between Security and the User Experience. The report’s authors surveyed more than 500 people, and respondents came from a range of industries and five different continents. Following are a few key takeaways from the report.
In the tension between security and experience, survey respondents had a pretty consistent bias: When forced to pick, a significant percentage said they’d choose security, even if it compromised the user experience. (For the purposes of this report, the term “users” is defined in a broad fashion, explicitly including customers, employees, and partners.)
For example, 40% of respondents say security is more important than end users’ satisfaction and productivity. In addition, 54% of respondents said it is ok to negatively affect the user experience in an effort to improve security. Almost half (46%) feel it is acceptable to have user productivity diminished in exchange for improved security.
Given the limitations in place, teams have come to accept that compromises have to be made for the sake of security, but there are consequences. As the report authors write, “Applications and services that are difficult to use often result in customers leaving to find easier to use solutions, thus companies may be trading customers for increased security.”
When it comes to advocating for security within an organization, there’s often the perception that front-line security teams are on their own. However, the message on the need for security has definitely made it to the C-suite. Demands for security are coming from the top of organizations, and executives are accepting of the fact that security may have an adverse impact on users.
The survey found that, when asked about the acceptability of having security negatively impact the user experience and user productivity, it was executives who had the highest percentage of affirmative responses.
Given the prioritization of security, especially among top-level executives, it is somewhat surprising to see that many see they’re falling short of these ideals in practice. In fact, nearly half (46%) say they’ve resorted to bypassing security to improve the user experience.
Among survey respondents, there was remarkable consensus that establishing visibility of the user experience is key. 92% said they must monitor the impact security initiatives and solutions have on the user experience. In addition, 90% stated end-to-end paths for cloud-based applications must be monitored.
However, respondents made it clear that gaining the full visibility they require is getting more challenging. Across organizations, teams are seeing more remote users, more cloud services, and more third-party networks entering the mix. With the expansion of remote and hybrid work and the growing complexity of the networks relied upon, it gets more difficult to establish the visibility required. In fact, these increasingly complex network paths have the potential to erode both security and the user experience.
Survey respondents said hybrid workers (44%), third-party networks and ISPs (43%), and public cloud resources (41%) directly limit their visibility into the user experience. Further compounding the challenges is that virtually all respondents, 97%, have plans to adopt zero-trust strategies and 96% plan to employ secure access service edge (SASE) approaches, which can further obscure visibility into the user experience. 91% say visibility into the end-user experience is critical to the successful adoption of SASE. Fundamentally, respondents understand SASE will have an impact on the user experience, and know they need to understand how.
The vast majority, 83%, of companies are running a hybrid mix of security solutions, with some tools deployed on premises and some in the cloud. Therefore, it will be vital for teams to leverage solutions that deliver SASE visibility, and that are also aligned with these hybrid deployment realities.
Survey respondents were asked about features that were important in selecting a user experience monitoring solution, and the responses can be best summarized as “all of the above.”
Respondents were asked about a total of nine capabilities. Five out of the nine categories received 50% or higher responses, and even the lowest-rated category, “threshold alerts,” was selected by more than one-third (36%) of respondents.
Top responses included support for remote workers (55%), ease of deployment (53%), integration with network security solutions (51%), and scalability (51%). There was also near unanimous acknowledgement on the importance of managing network security solutions in the context of the larger network, such as routers, switches, DNS, and so on. 92% indicated this was very or moderately important. In addition, 94% said it was very or moderately important to monitor network security in the context of the larger ecosystem, including infrastructure, networks, applications, and services.
Broadcom Software makes it easier for customers to find the right balance between security and the user experience. Broadcom solutions feature AppNeta, which is a user-centric monitoring solution that provides comprehensive visibility for cloud, SASE, and modern networks, including those that are not owned by the enterprise. Plus, AppNeta features integration with Symantec products, offering an optimal complement to these solutions’ industry-leading security capabilities. To learn more, be sure to visit the AppNeta product page.
To learn more about how organizations around the world are managing the impact of security on user productivity and customer satisfaction, be sure to download the report, How to Avoid Tradeoffs Between Security and the User Experience.
Randy Budde is the editor in chief of bizops.com. A freelance writer and editor, Randy has been developing content extensively in the enterprise security and software markets for more than 25 years. Over the years, he’s written on a wide range of technologies and topics, including artificial intelligence, automation...