How much Security is enough?

Dangerous super-viruses like corona, earthquakes, terrorist attacks: The daily news can be frightening … Although we know that everyday life has its pitfalls, we prefer to disinfect the door handle because of a sick colleague than stop smoking. Man is a complex being. But where does that come from? And how much security actually makes sense?

Why do we take risks? No risk, no fun!

The risk of dying in a terrorist attack is just 1:20 000 000. Still, for many people, an abandoned suitcase on the railway track makes them more nervous than driving to the station. The probability of having an accident on the road is much higher with up to 1.000 times as much! Nevertheless, we leave the house every day and act more carelessly than cautiously: Cyclists do not wear crash helmets and motorists risk looking at their smartphones. Employees quickly whisper the password for the WLAN into their colleagues’ ears, because it is faster and more practical.

How we misjudge risks

Where does this negligence come from despite the known risk? Quite simply: In road traffic, we steer and control and therefore do not feel helplessly at the mercy of the situation as we do on the railway track or with invisible viruses such as Corona. So if people act in a self-determined manner and stalk up on food, this gives them a deceptive feeling of security. Even though, the risk of starving to death in quarantine can be much smaller than that of catching the virus in the supermarket.

Whether skiing, bouldering or simply attaching a number to the same password and recycling it for a different application: Even with 40% security, we still assume to be safe when we feel in control! That’s why people smoke, but at the same time have a fear of flying. If a situation still forces us to rely on other people or software, we demand at least 100% security. Even if the real risk is minimal or actually sitting in front of the screen …

The human being as a security gap

People are rather bad at correctly assessing security risks. This also explains the annual top 10 most used passwords like “123456“! The biggest danger really comes from the person himself – take autonomous driving for example. So the question is: Would it, therefore, be better to do without the human agency as a risk factor in order to make processes safer? The answer is definitely “no”. There is (still) no error-free complex software that could exclude human mistakes – not even with Artificial Intelligence (AI).

How to achieve maximum security despite “human error“

To be on the safe side in tricky situations, social and technical aspects need to be considered together. Because even the best safety system does not work if it is handled negligently! Most of the so-called “human errors” can be defused by optimal social interaction: It is important to have a healthy hierarchy within and between departments. After all, most errors happen through overly authoritarian or conflict-averse behavior.

Mistakes are human – but not taking precautions is just playing stupid

How can Password Safe help? The fact is that even the most secure solution is useless when employees are stressed or lack training. Furthermore, the danger increases when these employees have too many rights. So granting access rights in accordance with the employee’s responsibility becomes crucial. Making use of the LightClient for end-users helps you to navigate this problem even for employees with less experience.

Therefore, it is advisable to have regular security training and make sure that the content has been understood. In general: Mistakes are human and should not be condemned. Rather than condemning mistakes that are human, develop a strategy to prevent error. Moreover, Password Safe allows you to pursue an open-door philosophy and a stress-free environment!

Read here more about secure password behavior.

March 5, 2020|
Go to Top