Usability vs. Security:
How USP Secure Entry Server® (SES) Gives You Both
Extremely secure
by United Security Providers
SUMMARY
1. Introduction
2. Authentication
3. Business Applications and Web Portals
4. The Compliance Conundrum
5. Security + Usability = Good Design
Cybersecurity
1. INTRODUCTION
Usability and security are not two sides of a coin. They are equivalent and can in fact complement each other: good usability can improve security, but it often needs more thought and better tools.
Any IT system, whether internally facing or integrated with external web services, has many layers at which human-computer interaction happens.
Creating a good user experience (UX) means making those interaction points usable. At the same time, we also need to make sure that security is an important factor in their configuration and setup.
Achieving good UX within a secure environment results in excellent data governance and increased productivity.
United Security Providers know the security/usability conundrum well, and we have designed version 5 of our USP Secure Entry Server® to offer a holistic approach to reconciling security with usability.
The new version encompasses all the requirements needed to create usable, yet secure, use cases across your enterprise web applications.
We can illustrate our argument with examples where good security actually creates a good user experience, and vice versa.
2. AUTHENTICATION
The humble password has probably caused more security issues than any other area across the extended enterprise.
Password insecurities are, let's face it, behind many of the hacks we have seen in recent years: hacks that often begin with a spear phishing campaign that results in administrators' usernames and passwords being stolen.
Passwords for the wider user base of a system are even more difficult to keep control of.
So how do we square the circle of password insecurity versus usability?
The obvious step would be to make passwords longer and more complex, for example a mix of capital letters, lower-case letters and numbers. This would make brute force attacks much more difficult to perform.
However, password complexity is offset by a number of forces:
• 70% of people (depending on location) forgot a password if it was long and/or complex. (Ponemon Institute study)
• 90% of respondents stated they would just leave the site if they had forgotten a password, instead of recovering it. (study by Janrain)
• 40% of respondents at least sometimes, or often, wrote passwords down. (Berkeley University study)
Increasing your password strength doesn’t prevent:
• Phishing attacks
• Key logging and screen scraping
• Attacks on your database
There are many tools available that can give you a great UX and maintain security.
The USP Secure Entry Server® (SES) offers you the ability to increase your productivity whilst ensuring security. It leverages Windows account Single Sign On (SSO) and can be extended for inter-organization SSO through federation.
Second factor and even risk-based authentication can give enhanced login security, and can be used in combination with SSO to give the perfect mix of usability and security.
Adding a second factor potentially compromises usability, so choosing the right second factor method for the right environment and user type is essential to getting the security/usability balance right.
USP SES allows you to choose from a number of different second factor options, including RSA SecurID, SafeNet, X.509 certificates, mTAN and, newly, Google Authenticator, so you can ensure you have the right tools for the right user type.
3. BUSINESS APPLICATIONS AND WEB PORTALS
One area that requires real and urgent attention in terms of security is enterprise applications that have touch points out into the Cloud.
Well designed, modern Cloud-based interfaces have given us a great UX. But the Cloud has also opened up many security implications by expanding our attack surface up, away and beyond the clouds.
When internet-based data communications come into play, security becomes more complicated. This can result in a more stringent, "locked down" interface with complicated access control. Again, Single Sign On, or its cousin federation, can come to the rescue, allowing seamless authentication between Cloud applications.
SSO can ensure that the usability improvements afforded by Bring Your Own Device (BYOD) technology do not also open up potential security holes in your organization.
Preventing web attacks via web-facing portals doesn't need to create a poor UX either. Background monitoring and analysis of threats mean you can retain a highly usable interface whilst securing the backend.
Web Application Firewalls are a way to ensure that common web attacks like XSS, SQL injection and CSRF are handled without having to compromise the user interface of any web-based application.
The Web Application Firewall (WAF) offered by USP SES is designed to make sure that administrators can more easily spot security issues and prevent breaches from becoming a security event. With our state of the art administration console, easy-view monitoring and real-time analytics, web threats can be spotted and contained.
4. THE COMPLIANCE CONUNDRUM
Data protection laws and regulations can be onerous, and our reaction to them is often to lock everything down to within an inch of its life.
If something is so complex to use because it has been made extremely secure, then it won't be used; it may even force some clever employees to circumvent the security in order to use it.
This is a situation that can result in poor practices which take you outside of the compliance requirements.
Sometimes this issue can be resolved through user awareness and understanding of how the security measures operate.
But often it is the security measures themselves that diminish productivity and create working practices that are themselves insecure.
Getting the balance right will prevent accidental compliance mistakes, which is why USP SES places so much emphasis on the seamless and usable design of our administration console and the solutions that can be realized with it.
Encouraging administrators to administer security properly reduces mistakes and encourages good practice.
5. Security + Usability = Good Design
USP SES encompasses a state of the art Web Application Firewall, Single Sign On, federation and all aspects of these, including authorization and authentication options.
Using a holistic approach to security, whilst encouraging usable systems both for the administrators applying the security settings and for those using them, you can ensure that you have a best-of-breed approach to your enterprise security infrastructure.
This balance is achievable. But the right mind-set and the right tools need to be used in equal measure to achieve it. Our highly complex, extended enterprise has to reduce the complexity of its underlying design.
Pulling all of the parts of a robust security strategy together, we need to look at improving the usability of authentication through SSO or federation, while improving security with a second factor.
Then, with the additional features offered in the WAF component, such as monitoring and threat analysis, you have a rich and holistic approach that allows your organization to have security and usability working in harmony.
The bottom line is that if your security seriously impacts usability, then chances are it's not done correctly, and at worst it can actually make the system you're securing less secure – something no one can afford to do.
https://www.united-security-providers.ch/