***** Security and Usability: Designing Secure Systems That People Can Use. Edited by Lorrie Faith and Simson Garfinkel; published by O’Reilly Media, www.oreilly.com (Web); 715 pages; $44.95.
Those of us only slightly computer literate have to cope with the onslaught of threats to our information assets and with the baffling advice on how to protect those assets. Ignoring the problem won’t help. Security and Usability is an extremely helpful resource in this regard.
The six major parts of the book all have their enlightening moments, whether discussing authentication mechanisms or privacy and anonymity. Throughout, conventional wisdom is challenged in refreshing ways. For example, one writer asserts that the “assumption that biometrics is inherently a usable form of security is flawed,” pointing out that factors such as environment of use and diversity of the user base have prevented widescale deployment of biometrics at automated teller machines.
Security and Usability is highly readable, intelligible, and intelligent. Security and IT professionals will find it to be a helpful resource and an effective reminder of how user impact needs to be factored into computer security decisions, procedures, and systems.
Reviewer: Mayer Nudell, CSC (Certified Security and Safety Consultant), runs Specialized Consulting Services in North Hollywood, California. He is a member of ASIS International.