Security and Usability from the Frontlines of Enterprise IT

Tuesday, January 26, 2016 - 11:00am

Jon Oberheide, Co-Founder and CTO, Duo Security

Abstract: 

When you think about security and usability, IT is probably not the first thing to pop in your head. Yet the IT systems and security that underpin every organization are critical to secure the data of companies, their employees, and the consumers they serve. At the same time, the security industry has created a complex market that requires a encyclopedic glossary to navigate, solutions that require superhuman powers to operationalize, and a user experience where "the users didn't hate it" is a glowing endorsement. While the sales pitch of "we suck less" is more effective that you might imagine, empowered employees in modern organizations demand more of their IT organizations and expect the same streamlined user experience with technology at work as they do at home. The bar is low for IT security, but we can do better.

In this talk, we'll share some of our philosophies on the intersection of simplicity, usability, and security applied to IT security controls, gleaned from our learnings at Duo protecting over 8,000 organizations of all shapes and sizes with diverse security cultures and user populations. We believe the impact that simplicity can have on security and usability for organizations, IT admins, and end users is undervalued, and advocate for further research.

Jon Oberheide, Co-Founder and CTO, Duo Security

Jon is the co-founder and CTO of Duo Security, responsible for leading product vision and the Duo Labs advanced research team. Before starting Duo, Jon was a self-loathing academic, completing his Ph.D. at the University of Michigan in the realm of cloud security. In a prior life, Jon enjoyed offensive security research and generally hacking the planet. Jon was recently named to Forbes "30 under 30" list for his mobile security hijinks.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@conference {206262,
author = {Jon Oberheide},
title = {Security and Usability from the Frontlines of Enterprise {IT}},
year = {2016},
address = {San Francisco, CA},
publisher = {USENIX Association},
month = jan
}

Presentation Video