Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

User Friendly vs Security

drig (5119) writes | more than 12 years ago

User Journal 0

Today my company was introduced to the new online portal for our medical benefits. I was shocked to find some of the most shoddy security I've seen. When I questioned the presenter about it, his response was "we wanted to make the system user friendly".Today my company was introduced to the new online portal for our medical benefits. I was shocked to find some of the most shoddy security I've seen. When I questioned the presenter about it, his response was "we wanted to make the system user friendly".

Okay, I understand that sometimes security measures can make a site more difficult to use. Password restrictions, automatic logouts, extra confirmations, etc. all make the site flow less easily. But, I have to question if that is the end-all of friendliness.

I, personally, wouldn't consider a system that spews my medical and payroll information to any hacker who cares to try friendly. How friendly is it to find out that I have no health insurance because someone turned it off without my permission? How friendly is it if I start getting calls from pushy brokers and TrendWest because they found out I make more than I spend?

I'd say this guy misunderstood both words in "user friendly". I think he meant "easy for us to develop" or maybe "appears easy to use" rather than "does what the user wants". He mistakes a couple of marketing people as representing his users. He mistakes friendly for easy. He doesn't recognize the bigger issues.

So, I wrote them. I got back a response that says things like "that's not an issue" and "we've determined this isn't a security problem".

cancel ×

0 comments

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...