Ever encountered a CAPTCHA and thought to yourself, “whoever decided to put this here must really hate people”? It turns out, the people who make the decisions to use CAPTCHAs hate them as much as you do. Jason Puglisi, an application security engineer, describes what teams like his think about when evaluating potential solutions to a security issue. (Spoiler: you’ll be pleased to know these considerations include how security solutions may affect the user experience).
- The surprising similarities between UX and security teams.
- What designers need to know about information security risks, as well as how designers can help security teams understand the UX tradeoffs they may be making.
- What designers can do to more effectively collaborate with their cross-disciplinary teams, including the security engineering team.
- What to consider when designing for users in higher-risk scenarios—users who have privileged access and are operating at scale (for example, if your end users are engineers, IT professionals, or security analysts).
Jason Puglisi is an application security engineer at a financial technology company. He performs ethical hacking to discover vulnerabilities, guide solutions, and inform organization-wide security measures. Human security is a particular passion of his, including security culture, awareness, and various aspects of social engineering.