Can UX be more important than security in the SaaS development cycle?

In her book, The Pentagon’s Brain, Annie Jacobsen tracks the life cycle of the internet and the source of some of our current problems. She maps it back to its original purpose, which was to be a place of trust. Once you met a complex set of requirements and gained access, you could traverse all over the internet because it was designed to facilitate trust between the US government, the Department of Defense (DOD) and universities. Today we have subscribed to user experience. It’s so critical now that we bypass security. And then when your Peloton is sharing data because the API is not configured correctly, we wonder why. So I question whether we’ve learned that lesson. We were so focused on the outcome that we put aside fundamental components of security by design, which leads to compliance by design, which leads to privacy by design.

Anonymous Author
In her book, The Pentagon’s Brain, Annie Jacobsen tracks the life cycle of the internet and the source of some of our current problems. She maps it back to its original purpose, which was to be a place of trust. Once you met a complex set of requirements and gained access, you could traverse all over the internet because it was designed to facilitate trust between the US government, the Department of Defense (DOD) and universities. Today we have subscribed to user experience. It’s so critical now that we bypass security. And then when your Peloton is sharing data because the API is not configured correctly, we wonder why. So I question whether we’ve learned that lesson. We were so focused on the outcome that we put aside fundamental components of security by design, which leads to compliance by design, which leads to privacy by design.
1 upvotes
Anonymous Author
It’s unclear whether or not the internet would be as pervasive if it wasn’t so easy to use. I think the great innovation of the last few years has been the trend towards secure but easy to use, like passwordless security, for example. I'm really hopeful that we can continue to innovate. If we had insisted on passwords with a million characters and exclamation points, etc., from day one, would the internet have actually reached its current stage? The internet was originally built on trust, and what we’ve seen growing as a result of greater connectivity is that now you're exposed to everybody and therefore you can no longer trust. It's simply the scale of the internet that has really exposed us to the problem of a broad attack. There is no good tech you use that will not be attacked.
1 upvotes