Podcasts about simply secure

Play Episode Listen Later Oct 11, 2022 39:20

Panelists Richard Littauer | Eriol Fox | Memo Esparza | Georgia Bullen Show Notes Hello and welcome to Sustain Open Source Design! The podcast where we talk about sustaining open source with design. Learn how we, as designers, interface with open source in a sustainable way, how we integrate into different communities, and how we as coders, work with other designers. On today's episode, we wanted to have a reintroduction to us as a group and find out what's going on with us and what we're all doing these days since we don't get to talk very much. Also, this is the last podcast of the 2022 season, and it's truly been an exciting one for us. So, on this last episode, we're going to talk a little bit about some past things we discussed before, current events of the day, stuff we're working on, and then we'll discuss some cool things we would like to happen on this podcast for the 2023 season which is only a few months away. Go ahead and download this episode now to find out more! [00:03:34] Each panelist shares things they've been thinking about lately to do with Open Source Design, things they've been working on a personal level around open source and their design efforts. Eriol starts by telling us what they've been doing to help out the Open Source Design Community with internships, fellowships, and supporting the mentoring process. [00:09:22] Eriol talks about the challenges they've had, ways people could help out, and where people can follow along. [00:12:20] Richard tells us his story, what he's doing with Open Source Collective, and how he's figuring out how to help open source projects to spend the money they got. [00:16:31] Georgia brings up topics for the future and talks about community development that is a design process, and how she thinks about what we could do more of is to take a challenge like Eriol talked about with designing an internship program and to make it a collaborative thinking space by talking with other people. [00:17:39] We find out what Memo is up to with his work, growing the design team at Open Collective, things he's focusing on, and ideas with what he would like to see happen on the podcast next season. [00:20:50] Memo tells us some other cool stuff he's working on. [00:23:58] Georgia brings up having future conversations to have about what it takes to serve the design industry with tools. [00:26:11] Memo shares his thoughts about expanding our circles further, and Georgia fills us in on everything that's going on in her world at Simply Secure. [00:36:05] Find out where you can reach out to the discourse, podcast, and panelists to find out more and if you are interested in talking to us about ideas for this podcast. Links Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) sosdpodcast@sustainoss.org (mailto:sosdpodcast@sustainoss.org) Sustain Design & UX working group (https://discourse.sustainoss.org/t/design-ux-working-group/348) SustainOSS Discourse (https://discourse.sustainoss.org/) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) richard@oscollective.org (mailto:richard@oscollective.org) Eriol Fox Twitter (https://twitter.com/EriolDoesDesign?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) eriol@simplysecure.org (mailto:eriol@simplysecure.org) Georgia Bullen Twitter (https://twitter.com/georgiamoon?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) georgia@simplysecure.org (mailto:georgia@simplysecure.org) Memo Esparza Twitter (https://twitter.com/memo_es_) memo@opencollective.com (mailto:memo@opencollective.com) Outreachy (https://www.outreachy.org/) Google Summer of Code (https://summerofcode.withgoogle.com/) Open Source Design Discourse (https://discourse.opensourcedesign.net/) Open Source Design-Open Collective (https://opencollective.com/opensourcedesign) Deciding on how to use your money-Open Source Collective (https://docs.oscollective.org/guides/deciding-on-how-to-use-your-money) Tech Policy Design Lab (https://techlab.webfoundation.org/) What's next for ‘Simply Secure'? Part 1: Revisiting our name and identity (https://simplysecure.org/blog/simply-secure-rebranding-survey/) What's next for ‘Simply Secure'? Part 2: Refreshing our name and identity (https://simplysecure.org/blog/simply-secure-refreshing-our-name-and-identity-part-2/) Usable Software Ecosystem Research (https://docs.google.com/forms/d/1db9akanLAcsFQvR4eZIzMjW_D8F2YRGSwnMUlURTg7c/viewform?edit_requested=true) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/)

wrap code hosts deciding edited ux memo refreshing open collective google summer outreachy simply secure

Financial Independence & Freedom with Eddie Thomason

Hacker Valley Studio

Play Episode Listen Later Jul 12, 2022 33:55

Eddie Thomason, bestselling author, speaker, consultant, and creator of the Simply Secure podcast, comes to Hacker Valley Studio to discuss financial independence, the freedom of a healthy work-life balance, and habits that have helped him succeed. As a father of two with a full-time job and a thriving content creation career, Eddie explains not only how he does it all, but also how much he cares about helping other security professionals achieve the same level of success. Timecoded Guide: [00:00] Eddie's background & his current cyber role with Data Locker [06:07] Growing up in Baltimore City & finding his podcasting inspiration [13:10] Balancing work & life with calendar planning [19:13] 4 essential habits: reading, listening, association, & work [28:20] Advice for digital content creators & security professionals Sponsor Links: Thank you to our sponsors Axonius and AttackIQ for bringing this episode to life! Want to learn more about how Mindbody enhanced their asset visibility and increased their cybersecurity maturity rating with Axonius? Check out axonius.com/mindbody AttackIQ - better insights, better decisions, and real security outcomes. That's why we partnered with them to create free cybersecurity trainings! Check it out at academy.attackiq.com What is the connection between cybersecurity and this financial independence and freedom mindset you have? In his book, on his podcast, and throughout his career, Eddie has emphasized the importance of financial independence, especially when it comes to diversifying his income. Instead of calling his projects and revenue streams “side hustles,” Eddie prefers to think of them as baby businesses; small businesses in the infant stage that have massive professional potential. With COVID severely changing Eddie's economic perspective, he firmly believes in having multiple sources of income and in fostering the growth of each project until he's seeing revenue to rival the full-time income he already makes in his day job. “If you look at it as a side hustle, that's all it's ever going to be, it's just something that creates a little bit of extra income, but if you look at it as a baby business, that could really replace the income that you currently make.” How do you balance content creation, day-to-day job responsibilities, and fatherhood? Being an author and a cybersecurity consultant can both already be demanding jobs, but throwing 2 young children and an entire podcast into the mix makes Eddie's success borderline hard to believe. However, Eddie credits his success to understanding his priorities and heavily managing his calendar. Entrepreneurs need to think of their schedules down to the minute, maybe even the second. Eddie is not afraid to set aside time for his children, even if it means he has to work in the evenings on his own entrepreneurial goals. Eddie knows that when he puts his calendar together, he is giving himself the time he needs and deserves to work and spend time on what's important to him, even alongside all his other responsibilities as an employee. “If you're going to work for 8 hours a day for somebody else's dream, then why can't you come home on a daily basis and give yourself at least 2 hours? We're not talking about a whole nother 8, but give yourself at least two hours. From the hours of 5 to 7, what can you do to invest in yourself?” What are some successful habits you've picked up throughout your life and that you mention in your book, Unlock Yourself? Four successful habits guide Eddie through his busy life as an entrepreneur and full-time worker, the first of which is reading. Reading is a source of knowledge and connection with others, and Eddie has learned amazing lessons from reading books and articles. The second is listening, which, just like reading, offers Eddie the ability to learn and to connect with the world. Coming in third is association. Surrounding himself with people who inspire him and are dedicated to his goals reminds Eddie of how badly he wants this. Fourth and finally, work. Putting in the work without expecting the success to happen overnight helps Eddie with his patience and always leads to a much better payoff. “If you surround yourself with incredible people who inspire you and uplift you and encourage you, then there's no reason why you should not get to your goal. There's no reason why you should give up because you have people that understand how badly you want to accomplish your goals. They won't let you quit on yourself.” Do you have advice for those looking to achieve success similar to you? Although it may seem daunting to tackle a career as extensive as Eddie's, Eddie is confident that his mindset around work can help anyone become successful. Most specifically, amongst all the entrepreneurial advice Eddie gives, his strongest point centers around understanding the “why.” Knowing why he does what he does not only helps keep Eddie on track for a solid work-life balance, it also allows him to see the impact his work has on the people around him. With his wife being a stay-at-home mom and his children being young, Eddie understands the necessity of his hard work and wants to inspire his family with his continued success. “If I don't perform, the people around me suffer. If I don't do what I need to do, then the people around me are not going to be better off. The impact that it is going to have on them is so much heavier than the impact that it'll actually have on me individually.” --------------- Links: Keep up with Eddie Thomason on his website, Youtube, LinkedIn, Instagram, and Facebook Check out Eddie's podcast, the Simply Secure Podcast, and his book, Unlock Yourself Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

covid-19 freedom entrepreneur advice reading putting balancing surrounding mind body financial independence baltimore city thomason chris cochran axonius hvs hacker valley media hacker valley studio attackiq ron eddings simply secure eddie thomason

Ep 183: KEEP CALM & Log On - Dr. Gillian Andrews (Gus) - (Author)

360 Yourself!

Play Episode Listen Later Jun 19, 2022 36:55

Keep Calm and Log On is the first book from Dr. Gillian Andrews, known to most as Gus. Dr. Andrews's unusual background as a hacker, scholar, and educator makes her uniquely suited to offer advice on managing the media in your life. A graduate of Teachers College, Columbia University, she put her passion for media literacy to work in creating The Media Show, an award-winning YouTube series for a young adult audience. Currently, she works as a digital security trainer, running trainings and producing curriculum materials for tech companies, the NGO Tactical Tech, and the forthcoming Cyber Nation film project. Dr. Andrews hasn't been surprised in the slightest by news that foreign intelligence agencies, advertisers, and social media sites are exploiting everyday people's data. As a former panelist on the digital rights radio show “Off The Hook” and an organizer for the Hackers On Planet Earth conference, she has been tracking warnings about digital privacy and security issues for over a decade. In her user experience work for ThoughtWorks, Second Life, Simply Secure, and the Open Internet Tools project, she has helped developers make digital systems easier for everyday people to use safely. Dr. Andrews is a dynamic writer and speaker who is keen to help her fellow citizens protect themselves in a year which promises escalated cybersecurity and disinformation attacks. Learn more about workshops she's ready to run in your area! Host: Jamie Neale @jamienealejn Discussing rituals and habitual patterns in personal and work life. We ask questions about how to become more aware of one self and the world around us, how do we become 360 with ourselves? Host Instagram: @jamienealejn Podcast Instagram: @360_yourself Music from Electric Fruit Produced by Tom Dalby Composed by Toby Wright

music columbia university andrews keep calm second life teachers college off the hook thoughtworks logon media show toby wright simply secure hackers on planet earth

000: Why Did I Start the Simply Secure Podcast? - An Origin Story

Leaders In Cyber Podcast

Play Episode Listen Later Apr 14, 2022 22:06

To be fully transparent - I didn't know a THING about the cyber security industry.Unfortunately, as people, we are sometimes afraid to admit that we don't know something because we're scared that others may question our competence or our ability to help them.So why did I create the Simply Secure Podcast? I wanted to learn.Today I'm taking the time to share the origin story of why I started the show in the first place. We'll unpack some of the mindset behind the show and spend time sharing the vision for the show.You'll Learn:How I landed in the Cyber Security industry in a Vendor role Mindset towards building a strong LinkedIn networkInitial vision for the showHow Archie Jackson influenced the vision for the showWhat to expect on future episodes Connect with Eddie hereLinkedIn Post referenced in the show hereFull show notes here

mindset cybersecurity origin stories vendor simply secure

Episode 22: Carrie Winfrey of Okthanks on Clean Insights

Play Episode Listen Later Mar 8, 2022 32:40

Guest Carrie Winfrey Panelists Georgia Bullen | Eriol Fox | Memo Esparza Show Notes Hello and welcome to Sustain Open Source Design! The podcast where we talk about sustaining open source with design. Learn how we, as designers, interface with open source in a sustainable way, how we integrate into different communities, and how we as coders, work with other designers. Today, we are joined by a fantastic guest, Carrie Winfrey, who's the Director of Okthanks, which is a digital rights collective working to advance human rights through the design of technology. On this episode, we'll be talking with Carrie about data, analytics, and a project she's working on. Also, we'll learn more about design activities, blind spots in open source design, Clean Insights, and what it takes to make a better designer. Go ahead and download this episode now! [00:01:10] Carrie shares her background and how she got into open source design. [00:02:40] We hear some of the challenges Carrie has come up against as a designer. [00:04:28] Carrie gives an example of how entry points into the projects are played out in a project in order to participate within the open source. [00:06:57] Carrie explains about why she feels strongly about having a connection to people they are trying to help. [00:08:01] Find out what design activities are. [00:11:24] On the topic of data, we find out what kind of work Carrie is doing with data. [00:15:47] Eriol brings up the “should we” factor of watching people and wonders how we have conversations with organizations or open source projects where there is this uncertainly of being watched. Carrie tells us about the Clean Insights methodology. [00:18:47] Memo asks Carrie to explain about these blind spots and how we can start filling out those gaps. [00:20:14] Carrie gives an example of what kind of power Clean Insights can give to designers or tool builders. [00:23:42] Eriol shares a story of how they view metrics, and Carrie tells us what it takes to make us better designers. Quotes [00:07:06] “I feel very strongly about having a connection to people and having a connection to the people particularly that we say we're trying to help.” [00:07:34] “I constantly feel in a place of not really knowing what I'm doing, but maybe that's healthy.” [00:08:31] “I think everyone has different levels of comfort with creativity.” [00:16:25] “Clean Insights is an analytic solution for digital product teams to safely gather insights about their users and it puts transparency and consent first.” [00:21:42] “Don't expect data to solve all [your] problems.” [00:26:36] “What I want to encourage designers to do is to ask more questions.” [00:27:34] “We've got to think about how it fits into people's lives and we've got to know what that looks like in reality, and that's what makes us better designers.” Spotlight [00:28:40] Memo's spotlight is resonate.is, the community-owned music network. [00:29:29] Eriol's spotlight is Dracula Theme. [00:30:06] Georgia's spotlights are the USABLE Project, Spring conference season coming up and the USABLE team has a call for proposals for the UX Forum in April, and MozFest is coming up and there's a proposal looking for examples of Consent. [00:31:47] Carrie's spotlights are the Noun Project and Matrix Foundation. Links Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) Sustain Design & UX working group (https://discourse.sustainoss.org/t/design-ux-working-group/348) SustainOSS Discourse (https://discourse.sustainoss.org/) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Eriol Fox Twitter (https://twitter.com/EriolDoesDesign?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Georgia Bullen Twitter (https://twitter.com/georgiamoon?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Carrie Winfrey Twitter (https://twitter.com/crwinfrey) Memo Esparza Twitter (https://twitter.com/memo_es_) Carrie Winfrey LinkedIn (https://www.linkedin.com/in/carrie-winfrey) Okthanks (https://okthanks.com/) Okthanks Circulo (https://okthanks.com/circulo) Clean Insights (https://cleaninsights.org/) General Data Protection Regulation (GDPR) (https://gdpr-info.eu/) California Consumer Privacy Act (CCPA) (https://oag.ca.gov/privacy/ccpa) Guardian Project (https://guardianproject.info/) Plausible (https://plausible.io/%20?) resonate (https://resonate.is/) Dracula (https://draculatheme.com/) Dracula Theme-GitHub (https://github.com/CasanovaSekova/dracula-foundry) The USABLE Project (https://usable.tools/) UXForum 2022 (https://usable.tools/blog/2022-02-07-uxforum2022/) [Open Call] Submissions for “Reimagining Digital Consent: A Discussion & gallery Exhibition” at MozFest 2022-Simply Secure (https://simplysecure.org/blog/open-call-submissions-for-reimagining-digital-consent-a-discussion-gallery-exhibition-at-mozfest-2022/) Noun Project (https://thenounproject.com/) Matrix (https://matrix.org/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Carrie Winfrey.

director spring matrix dracula quotes consent edited ux spotlight exhibition memo winfrey plausible usable general data protection regulation gdpr california consumer privacy act ccpa noun project guardian project mozfest simply secure

Episode 19: Conor Okus and Christoph Ono on the Bitcoin Design Community

Play Episode Listen Later Jan 11, 2022 44:25

Guest Conor Okus | Christoph Ono Panelists Richard Littauer | Georgia Bullen | Memo Esparza Show Notes Hello and welcome to Sustain Open Source Design! The podcast where we talk about sustaining open source with design. Learn how we, as designers, interface with open source in a sustainable way, how we integrate into different communities, and how we as coders, work with other designers. Today, we are joined by two guests, Christoph Ono, who is a UX and digital product designer from the Bitcoin Design Community, and Conor Okus, who works for Block, and is part of an initiative called Spiral, previously Square Crypto. On this episode, we are going all out looking at design for Bitcoin. Christoph and Conor fill us in about the Bitcoin Design Community, Bitcoin Design grants, and some challenges they had to face in the process of setting this community up. They go in depth about the designer's principles, the life cycle of a project, how they decided to focus on the onboarding side. Also, Conor tells us more about a video series he helped design to learn the basics of how Bitcoin works called, Hello Bitcoin. There is so much more to hear, so go ahead and download this episode now to find out! [00:01:27] Memo, Richard, Georgia, Conor, and Christoph give us a brief introduction of what they do, and we find out how Conor and Christoph know each other. [00:10:02] Conor and Christoph fill us in on what's so special about the Bitcoin Design grants and if they have seen a lot of design grants in the crypto space. Christoph tells us his plan on how he wants to pay it forward to make the grant possible for others. [00:14:25] Find out more about the Bitcoin Design Community, how many contributors there are, how many designers have been funded, and the projects. [00:17:48] Christoph shares some of the challenges he's run in to and how they scope a problem for contributors to work on. [00:21:34] Christoph and Conor explain how they ended up focusing on the onboarding side. [00:25:03] Georgia wonders if they have a sense of where people are coming from, and if they're coming with a design background, or a Bitcoin background, and if that has an effect on what they're able to do. [00:30:12] Christoph and Conor tell us more about the designer's principles and what they're doing to ensure they are praised for their work. [00:33:58] Find out more about the life cycle of a project and the design review process. Conor tells us about a video series he does to help people understand how Bitcoin works called, Hello Bitcoin. [00:36:40] We end with Conor telling us a little bit about Lightening Network, and Christoph shares what he would love to see next year for all creatives and designers. [00:38:53] Find out where you can follow Conor and Christoph on the internet. Quotes [00:18:40] “I always try to encourage, share early, even if it's rough, because someone else may help push you in the right direction.” [00:27:25] “I would consider it an environment where designers have to work more closely to a protocol than another environment. You may have to move slower at times, and you may have to think through with more rigidity. Setting that as an expectation is quite important.” [00:29:10] “I have never worked with such principled designers and developers.” [00:31:42] "Bitcoin is a lot more long-termed focused.” [00:32:50] “One of the ideas is that any self-motivated designer can come in and say I have an idea, and then they do it because they're excited about it. And then there's support.” Spotlight [00:39:43] Memo's spotlight is a crypto tool called The Giving Block. [00:40:39] Georgia's spotlights are a pattern library called, Decent Patterns, or Decentralization, off the shelf. Also, a workshop she hosted at Mozilla Festival called, “Explain Decentralization To Me.” [00:41:41] Richard's spotlight is Karri Saarinen. [00:42:22] Christoph's spotlight is Penpot. [00:42:45] Conor's spotlight is a project called, Bitcoin Smiles. Links Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) Sustain Design & UX working group (https://discourse.sustainoss.org/t/design-ux-working-group/348) SustainOSS Discourse (https://discourse.sustainoss.org/) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Georgia Bullen Twitter (https://twitter.com/georgiamoon?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Memo Esparza Twitter (https://twitter.com/memo_es_) Conor Okus Twitter (https://twitter.com/ConorOkus?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Conor Okus LinkedIn (https://www.linkedin.com/in/conorokus/) Christoph Ono Twitter (https://twitter.com/gbks) Christoph Ono LinkedIn (https://www.linkedin.com/in/germanysbestkeptsecret/) Christoph Ono Website (https://www.germanysbestkeptsecret.com/) Sustain Podcast- 3 episodes with guest Kevin Owocki (https://podcast.sustainoss.org/guests/kevin-owocki) Spiral (https://spiral.xyz/) Spiral Grants (https://spiral.xyz/#grants) Bitcoin Design (https://bitcoin.design/) Bitcoin Design Guide (https://bitcoin.design/guide/) Bitcoin Projects (https://bitcoin.design/projects/) Hello Bitcoin (https://hellobitco.in/) The Giving Block (https://thegivingblock.com/) Decent Patterns (https://decentpatterns.xyz/) “Explain Decentralization To Me” workshop-Simply Secure (https://simplysecure.org/blog/from-paper-to-infinity-whiteboard-inspiring-creativity-and-digital-collaboration-in-online-design-workshops/) Karri Saarinen (https://karrisaarinen.com/) Penpot (https://penpot.app/) Bitcoin Smiles (https://bitcoinsmiles.org/) Sustain Open Source Design Podcast-Episode 9: Andy Gonzalez and Contributing and Collaborating as a Designer (https://sosdesign.sustainoss.org/9) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Christoph Ono and Conor Okus.

community design bitcoin designers quotes edited ux spotlight spiral collaborating christoph memo contributing decentralization kevin owocki giving block penpot okus andy gonzalez simply secure lightening network mozilla festival

Episode 18: Collaboration Between Designers and Developers

Play Episode Listen Later Jan 4, 2022 41:55

Guests Lucie Wu | Saptak | Sadie Panelists Eriol Fox | Kelsey Smith Transcript We have a transcript for this episode: here (https://github.com/simplysecure/designer-developer-collaboration-in-OSS/blob/main/In-conversation-with-designers-and-developers-in-OSS-for-SOS-podcast.md). Show Notes Hello and welcome to Sustain Open Source Design! The podcast where we talk about sustaining open source with design. Learn how we, as designers, interface with open source in a sustainable way, how we integrate into different communities, and how we as coders, work with other designers. Today, with Eriol, we have Kelsey Smith hosting as well, who is a UX Designer at Simply Secure. We are very excited to have three guests joining us from different projects. Joining us are Lucie, who is working on I2P (Invisible Internet Project) as a UX Designer and researcher, Saptak is a Human Rights Concerned Web Developer, working as a contractor with Freedom of the Press Foundation, and Sadie, works on I2P, putting together the Usability Lab, and her work focus is on UX, design, and open source tools. Our discussions today are focused on the collaboration between designers and developers in open source software, and we learn more how these two functions interact with each other, and challenges they faced doing this collaboration work. Go ahead and download this episode now to find out more! [00:03:00] Eriol starts off by asking our guests how design, developer handoff, or collaboration work in their teams and projects, and how it got to be that way in their projects. [00:06:14] Sadie tells us what it's like to be this bridge between design and development and how it's a little bit more developer led at the moment. [00:09:50] Saptak fills us in on projects he works in and how design, developer handoff, and collaboration work in the projects he is a part of. [00:15:41] Eriol wonders if there are other challenges that our guests have faced in doing this collaboration work, and to share examples of good processes and not so good processes. [00:20:02] Lucie explains her process of doing design around something that might have interesting, complicated, or unknown parts of the process that she might need to discover through conversation with the developers or technical teams. [00:23:17] Sadie explains more how she facilitates conversations between the design and developer. [00:25:52] Kelsey asks Saptak what he would like designers to know about the dev processes specifically in this space versus other spaces, and he tells us about a tool that he's found to be really helpful with developers and designers called Accessibility Bluelines. [00:31:39] Sadie geos more in depth about design practices, security, and human rights. [00:35:41] Lucie talks about the differences she has noticed with the collaboration process for developers and designers within open source compared to private software projects. [00:38:41] Find out where you can follow Saptak, Sadie, and Lucie online. Also, Kelsey talks about a project they are working on called Useful Projects. Quotes [00:04:11] “It really helps to have a little bit of knowledge of the technical aspect in order to design effectively.” [00:05:25] “On our team specifically, Sadie has served as a bridge between design and development.” [00:22:13] “That has been a part of the process of constantly reframing the question, drilling down to what you really want to know in order to do the design, because I don't need to know all of the extraneous information that goes on the technical and developer side. I just need to know enough to do the design.” [00:32:50] “Adding more definition and having better processes within the new user onboarding to encompass some of those philosophies behind open source, and why we have those things in place is very important.” [00:36:11] “One of the companies I was at was IBM, and two things really stand out to me on the differences between open source and private, and they are capacity and hierarchy.” Links Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) Sustain Design & UX working group (https://discourse.sustainoss.org/t/design-ux-working-group/348) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Eriol Fox Twitter (https://twitter.com/EriolDoesDesign?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Eriol Fox-Simply Secure (https://simplysecure.org/who-we-are/eriol-fox/) Kelsey Smith-Simply Secure (https://simplysecure.org/who-we-are/kelsey/) Saptak Sengupta Website (https://saptaks.website/) Saptak Sengupta Twitter (https://twitter.com/Saptak013) Sadie Twitter (https://twitter.com/yrb1rd) Sadie GItHub (https://github.com/Shoalsteed) I2P (https://geti2p.net/en/) I2P Mastodon (https://mastodon.social/@i2p) I2P Twitter (https://twitter.com/i2p) Lucie Wu Website (https://luwuxu.com/) USABLE Tools (https://usable.tools/) Accessibility Bluelines (https://dribbble.com/shots/6269661-Accessibility-Bluelines) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Lucie Wu, Sadie, and Saptak.

freedom collaboration designers ibm developers quotes edited ux sos oss ux designers kelsey smith press foundation i2p simply secure

Episode 17: 2021 Wrap Up

Play Episode Listen Later Dec 23, 2021 26:47

Panelists Georgia Bullen | Memo Esparza | Eriol Fox | Richard Littauer Show Notes Hello and welcome to Sustain Open Source Design! The podcast where we talk about sustaining open source with design. Learn how we, as designers, interface with open source in a sustainable way, how we integrate into different communities, and how we as coders, work with other designers. Today, as we wrap up 2021 and our first year of doing this podcast, we get reacquainted with each of our panelists as they give us a little history of their backgrounds and their involvement in open source. We talk about some of our favorite conversations, episodes, and guests that we had on, as well as the most memorable moments. We're also looking forward to 2022 and discussions we would like to have for future episdoes that would be of interest to everyone listening out there. Also, if you want to be a guest or if you want to get more involved in these types of conversations we have on this podcast, we're going to let you know where you can go to get plugged in to be a part of our community. Go ahead and download this episode now to find out much more and thank you for joining us! [00:00:53] Since it's been a year since we started doing this podcast, the panelists introduce themselves and give a little history of their backgrounds. [00:07:52] Richard and Memo tell us their most favorite conversations, guests, and episodes that they really enjoyed this year. [00:11:36] Eriol shares four things that are most memorable to her, which include the guests on this podcasts being from all different parts of the world, the diversity of what design means being covered so broadly, guests coming in talking about different communities, and conversations about what it means to be a designer. [00:14:52] Georgia reflects on what this podcast was set up to accomplish and she wonders what else is on the panelists minds about conversations on what it means to be a designer, the state of sustaining open source design at the moment, and future discussions they want to have. [00:21:41] Find out different places you can get involved and join us besides listening to this podcast, such as the Sustain Discourse, the Open Design discussion channel, the Sustain Slack, and if you want to be a guest on the podcast please contact us. [00:22:38] As we look forward to 2022, the panelists share parting thoughts on things they want to do and people they want to thank for being a part of this podcast. Links Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) Open Source Design Discourse (https://discourse.opensourcedesign.net/) Sustain Design & UX working group (https://discourse.sustainoss.org/t/design-ux-working-group/348) SustainOSS Discourse (https://discourse.sustainoss.org/) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Georgia Bullen Twitter (https://twitter.com/georgiamoon) Eriol Fox Twitter (https://twitter.com/EriolDoesDesign?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Memo Esparza Twitter (https://twitter.com/memo_es_) Sustain Open Source Design Podcast-Episode 5: Bryan Paget on Open Source Developers with Design Thinking (https://sosdesign.sustainoss.org/5) Sustain Open Source Design Podcast-Episode 10: Justin Scherer on Open Source Design at Stax (https://sosdesign.sustainoss.org/10) Imposter Syndrome & Design- Who gets to say “I'm a designer?”-Human Rights Centered Design (https://hrcd.pubpub.org/pub/uyydag1t/release/2) Simply Secure (https://simplysecure.org/) Ushahidi (https://www.ushahidi.com/) Open Collective (https://opencollective.com/) Eriol Fox's PhD research into Design and Humanitarian Open Source Software-GitHub (https://github.com/Erioldoesdesign/Design_HOSS_PhD) The user is drunk-Richard Littauer Website (https://theuserisdrunk.com/) Sustain Open Source Design Podcast-Episode 16: Jérémy Landes on Type Designing (https://sosdesign.sustainoss.org/16) Sustain Podcast-Episode 100: Only Hosts, on who are are, where we came from, and where we're going (https://podcast.sustainoss.org/100) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/)

design phd wrap imposter syndrome edited ux design thinking landes memo stax open collective ushahidi open design simply secure

Episode 1: What is Sustain Open Source Design? An Introduction

Play Episode Listen Later Jan 29, 2021 25:27

Panelists Richard Littauer Eriol Fox Perrie Ojemeh Georgia Bullen Memo Esparza Justin W. Flory Show Notes Hello world and welcome to the debut episode of Sustain Open Source Design! On this podcast, we will talk about sustaining open source design. But what does design mean? Well, listen to this podcast and you will find out. Instead of having a guest we have six panelists, most won't be on every episode, but some will be on at least every episode. Today, our goal is to talk about who we are, why we think design is important, why we think open source is important, and what we think sustainability means for us. Go ahead and download this episode now to find out more and if you're interested, please subscribe! [00:01:20] Our first panelist is Eriol Fox, and they tell us all about themself and what designing means to them. [00:05:28] Our next panelist is Perrie Ojemeh, and she tells us all about herself, OSCA, and how she got into design. [00:08:31] Our next panelist is Justin Flory, and he tells us all about himself and what designing means to him. [00:12:40] Our next panelist is Memo Esparza, and he tells us all about himself and what designing means to him. [00:16:22] Our next panelist is Georgia Bullen, and she tells us all about herself, what she does at Simply Secure, and what designing means to her. [00:20:12] Our last panelist is Richard Littauer, and he tells us about himself and what designing means to him. [00:21:45] Georgia tells us the assumption of what design is and what it really is because it's actually really broad, and Eriol shares thoughts about design as well and having more conversations with developers and open source contributors of all different types. [00:24:39] We end with Richard saying if you have any guests, please send them our way, and where you can contact them via the Sustain Discourse or Twitter handles. Links Richard Littauer Twitter (https://twitter.com/richlitt) Eriol Fox Twitter (https://twitter.com/EriolDoesDesign) Perrie Ojemeh Twitter (https://twitter.com/peace_ojemeh) Georgia Bullen Twitter (https://twitter.com/georgiamoon) Memo Esparza Twitter (https://twitter.com/memo_es_) Justin W. Flory Twitter (https://twitter.com/jwf_foss) Open Source Design Twitter (https://twitter.com/opensrcdesign) Open Source Design (https://opensourcedesign.net/) Sustain Open Source Twitter (https://twitter.com/sustainoss?lang=en) Open Source Community Africa Twitter (https://twitter.com/oscafrica) Sustain Discourse (https://discourse.sustainoss.org/) Ford Foundation (https://www.fordfoundation.org/) Alfred P. Sloan Foundation (https://sloan.org/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr at Peachtree Sound (https://www.peachtreesound.com/)

design edited open source sustain ford foundation os ca simply secure

Simply Secure Podcast - Episode 4 - Cybersecurity Awareness Month

Play Episode Listen Later Nov 3, 2020 22:48

In this episode sponsored by Cisco, October was Cybersecurity Awareness month making it a good time to talk about employee culture, employee training and overall awareness surrounding cybersecurity. Joining Ron Temske, VP of Cybersecurity, Network and Workplace Solutions for Logicalis US is Richard Star, Data Protection Officer for Logicalis Group.

network cybersecurity cisco cybersecurity awareness month cyber security awareness data protection officer workplace solutions simply secure

Simply Secure Podcast - Episode 3 - The Zero Trust Cybersecurity Model (Part 2)

Play Episode Listen Later Oct 15, 2020 22:32

In this episode, part two of a two-part podcast, host Ron Temske continues his discussion with Aaron Woland, Principal Engineer, Cisco Security & Integrations Group, about the Zero Trust security concept and taking a practical and pragmatic approach to implementing Zero Trust in your organization.

model cybersecurity zero trust principal engineer cisco security simply secure

Simply Secure Podcast - Episode 2 - The Zero Trust Cybersecurity Model (Part 1)

En Garde! The Guardian Project Podcast

Play Episode Listen Later Jul 20, 2020 27:02

In this episode, part one of a two-part podcast, host Ron Temske interviews Aaron Woland, Principal Engineer, Cisco Security & Integrations Group, about the Zero Trust security concept - the fundamentals, history, and common use case scenarios.

model cybersecurity zero trust principal engineer cisco security simply secure

Clean Insights: Data, People and Dignity Roundtable with Data4Change, Tor Project, Simply Secure and Okthanks

Play Episode Listen Later May 22, 2020 46:34

Amazing designers talk about data, people and dignity! A podcast roundtable that is part of the Clean Insights Symposium Extraordinaire - Amazing designers talk about data, people and dignity! Show Notes Available at https://guardianproject.info/podcast/2020/cleaninsights-data-people-dignity.html

design data roundtable dignity open source tor project simply secure

Episode 1 - Introduction to the Simply Secure Podcast

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 14, 2020 41:03

Each episode of this podcast will dissect a security topic, and our goal is to really make it simple; hence, the name of the podcast - Simply Secure. This episode is an introduction to the series hosted by Ron Temske, VP of Cybersecurity at Logicalis US, and is sponsored by Cisco.

cybersecurity cisco simply secure

More Scout Brody: Bringing Design Thinking to IoT

Inside Out Security

Play Episode Listen Later Feb 22, 2019 9:53

By now, we’ve all seen the wildly popular internet of things devices flourish in pop culture, holding much promise and potential for improving our lives. One aspect that we haven’t seen are IoT devices that not connected to the internet. In our follow-up discussion, this was the vision Simply Secure's executive director Scout Brody advocates, as current IoT devices don’t have a strong foundation in security. She points out that we should consider why putting a full internet stack on a new IoT device will help an actual user as well as the benefits of bringing design thinking when creating IoT devices. Transcript Cindy Ng: I also really liked your idea of building smart devices, IoT devices, that aren't connected to the internet. Can you elaborate more? Scout Brody: Yes, you know, I like to say, when I'm talking to friends and family about the internet, there are a lot of really interesting, shiny-looking gadgets out there. But as someone who has a background in doing computer security, and also someone who has a background in developing production software in the tech industry, I'm very wary of devices that might live in my home and be connected to the internet. I should say, low power devices, or smaller devices, IoT devices that might be connected to the internet. And that's because the landscape of security is so underdeveloped. We think about where...I like to draw a parallel between the Internet of Things today and desktop computers in the mid-90s. When desktop computers started going online in the 90s, we had all sorts of problems because the operating systems and the applications that ran on those machines were not designed to be networked. They were not designed, ultimately, with a threat model that involved an attacker trying to probe them constantly in an automated fashion from all directions. And it took the software industry, you know, a couple of decades, really, to get up to speed and to really harden those systems and craft them in a way that they would be resilient to attackers. And I think that based on the botnet activity that we've seen in just the past year, it's really obvious that a lot of the IoT systems that are around the internet full-time today, are not hardened in the way that they need to be to be resilient against automated attacks. And I think that with IoT systems, it's even scarier than a desktop, or a laptop, or a mobile phone because of the sort of inevitable progression toward intimacy of devices. We look at the history of computing. We started out with these mainframe devices or these massive god awful things that lived in the basement of the great universities in this country. And we progressed from those devices through mainframes and, you know, industry through personal computers and now the mobile phones. With each step, these devices have become more integrated into our lives. They have access to more of our personal data and have become ever more important to our sort of daily existence. And IoT really takes us to the next step. It brings these devices not just into our home, but into our kitchens and into our bathrooms, and into our bedrooms, and our living rooms with our children. And the data they have access to is really, frankly, scary. And the idea of exposing that data, exposing that level of intimacy, intimate interaction with our lives, to the internet without the hardening that it deserves, is just really scary. So, that's, you know, a bit of a soapbox, but I'm just very cautious about bringing such devices into my home. However, I see some benefits. I mean, there are certainly...I think that a lot of the devices that are being marketed today with computer smarts in them are, frankly, ridiculous. There are ways that we could, sort of, try and mediate their access or mediate a hacker's access to them, such that they were a little less scary. One way to do that is, as you mentioned, and as we discussed before, to not have them be just online. You know, have things be networked via less powerful protocols like Bluetooth low energy, or something like that. That poses challenges when it comes to updating software or having, you know, firmware or software on a device, or having a device being able to communicate to the outside world. If we want to be able to turn our light bulb on the back porch on from our phone when we're 100 miles away, it's difficult. More difficult if the light bulb is only really connected to the rest of our house by Bluetooth, but it's still possible. And I think that's something that we need to explore. Cindy Ng: Do you think that's where design comes in where, okay, well, now we've created all these IoT devices and we haven't incorporated privacy and security methodologies and concepts in it, but can we...it sounds like we're scrambling to fix things...are we able to bring design thinking, a terminology that's often used in that space, into fixing and improving how we're connecting the device with the data with security and privacy? Scout Brody: I think so. I mean, I think what's happening today...the sort of, our environment we're in now, people are saying, "Oh, I'm supposed to have smart devices. I want to ship smart devices and sell smart devices because this is a new market. And so, what I'm going to do is, I'm going to take my thermostat, and also my television, and also my light bulb, and also my refrigerator, and also my washer-dryer, and I'm going to just put a full internet stack in them and I'm going to throw them out on the big, bad, internet." Without really stopping to think, what are the needs that actual people have in networking these devices? Like, what are the things that people actually want to be able to do with these devices? How is putting these devices online going to actually improve the lives of the people who buy them? How can we take these devices and make their increased functionality more than just a sales pitch gimmick and really turn this into something that's useful, and usable, and advances their experience? And I think that we, frankly, need more user research into IoT. We need to understand better what are the needs that people have in their real lives. Say, you want to make a smart fridge. How many people, you know, would benefit from a smart fridge? What are the ways that they would benefit? Who are the people that would benefit? What would that really look like? And based on the actual need, then try and figure out how to...and here's where we sort of switched the security perspective, how do I minimize access? How do I minimize the damage that can be done if this machine is attacked while still meeting the needs that the humans actually have? Is there a way to provide the functionality that I actually know that humans want, that the human people need, without just throwing it on the internet willy-nilly. And I think the challenge there is that, you know, we're in an environment where IoT devices...that the environment is very competitive and everyone is trying to do, sort of, the early mover trying to get their device on the market as soon as possible. We see a lot of startups. We see a lot of companies that don't have any security people. I know we have, sort of, one or two designers who don't have the opportunity to really go in and do research and understand the actual needs of users. And I think, unfortunately, that's backwards. And until that gets rectified, and you see companies both exploring what it is that people actually will benefit from, and how to provide that in a way that minimizes access, I think that I will continue to be pretty skeptical about putting such devices in my own home. Cindy Ng: And, so we've spent some time talking about design concepts, and security, and merging them together. How can someone get started? How do they start looking for a UX designer? Is that something that Simply Secure, the nonprofit that you're a part of, can you help in any way? Scout Brody: Yeah. So, that is actually, kind of, exactly what Simply Secure has set out to do as a nonprofit organization. You know, we recognize that it's important to have this partnership between design and security in order to come up with products that actually meet the needs of people while also keeping them secure and keeping their data protected. And so, Simply Secure works both in a sort of information sharing capacity. We try to, sort of, build a sense of community among designers who are interested in security and privacy topics as well as developers and security folks who are interested in learning more about design. We try to be sort of a community resource. We, on our blog, and our very small but slowly growing GitHub repository, try to share resources that both designers and software developers can use to try and explore and expand their understanding at the intersection of security and design. We actually, as an organization, do ourselves what we call open research and consulting. And the idea here is that an organization, and it can be any organization, either a small nonprofit consortium organization, in which case, you know, we work with them potentially pro bono. Or, a large for-profit tech company, or a startup, in which case we would, you know, try to figure out some sort of consulting arrangement. But we work with these organizations to help them go through a design process that is simultaneously integrated with their security and privacy process as well. And since we are a nonprofit, we don't just do, sort of, traditional consulting where we go in, do UX research and then come out, you know, with a design that will help the company. We also go through a process of open sourcing that research in such a way that it will benefit the community as a whole. And so the idea here is that by engaging with us, and sort of working with us to come up with a design or research problem...a problem that an organization is having with their software project, they will not only be solving their problem but also be contributing to the community and the advancements of this work as a whole.

internet iot ux bluetooth internet of things github design thinking simply secure

Scout Brody, Ph.D. on Creating Security Systems Usable for All

Inside Out Security

Play Episode Listen Later Feb 14, 2019 13:18

With the spring just a few short weeks away, it’s a good time to clean the bedroom windows, dust off the ceiling fans, and discard old security notions that have been taking up valuable mind space. What do you replace those security concepts with? How about ones that say that security systems are not binary “on-off” concepts, but instead can be seen as a gentle gradient. And where user experiences developed by researchers create security products that actually, um, work. This new world is conceived by Scout Brody, executive director of Simply Secure, a nonprofit dedicated to leveraging user interface design to make security easier and more intuitive to use. “UX design is a critical part of any system, including security systems that are only meant to be used by highly technical expert users,” according to Brody. “ So if you have a system that helps monitor network traffic, if it’s not usable by the people who are designed to use it or it’s designed for, then it’s not actually going to help them do their jobs.” In the first part of my interview with Scout Brody, we cover why security systems aren’t binary, the value of user interface designers, and how to cross pollinate user personas with threat models. Transcript Cindy Ng: Scout Brody has long been passionate about improving the usability of security tools. Rather than a tech and product only mindset, she advocates a human first or empathy first mindset. Processes such as user experience and human centered design can help improve the way humans and security technologies interact. As a former product manager at Google, she worked on projects such as 2-Step Verification and the Android operating system. Now she's an executive director at Simply Secure, a nonprofit dedicated to crafting usable and secure technologies, while making them available to everyone. The cornerstone of your work, Scout, you say consumers abdicate their security and privacy for ease, convenience and because sometimes they're strong-armed to yielding all their personal information in order to download an app or use a piece of technology because that's how technology is being developed. And the way you describe how security and privacy technologies are being developed, that they're not binary concepts but gradient, and can you elaborate more on what that means? Scout Brody: Well, Cindy, I think that as a security professional in our field we tend to think of things in absolutes and we tend to be constantly striving for the ideal. So if you're an I.T. professional working in a corporate environment, you are trying to do your utmost to make the settings as secure as it possibly can be because that's how you define success as a security professional. When it comes to thinking about security for end-users however, it's important to recognize that not everyone has the same definition of what security they need to meet their needs or what privacy means to them. So one good example might be that you have, say you know a government worker who lives in Washington, D.C., and is very concerned they might have what we call in the security business, a particular threat model or they're worried about those people accessing their information, for professional purposes. They might be concerned about organized crime or foreign governments or all sorts of different things. And that's a very different threat model than someone who is a stay-at-home dad in Minnesota for example, who you know may not have those same concerns when he's going and posting adorable photos of his kids on Facebook, that that information might be compromised or used to hurt him or his professional life in any way. So I think this notion that there is no one definition of what is secure but I like to talk about usability and design as being gradient in the same way that security is. So in security, although we tend to think of it as an absolute, when we get down to the practice of security, and we very rarely say "Oh, this system is secure." No, we say "This system is secure against threats A, B and C," it's secure in the face of a particular threat model. And similarly when you talk about a system being usable or useful to end-users, we have to say, "This is usable and useful to these users in these contexts." Cindy Ng: I like what you mentioned about threat model and context. Can you provide us an example of how you would align a threat model alongside with the technology you have, what would that look like? Scout Brody: Well, I think that it depends, I think I want to clarify that when you say design, we're talking not just about a system architecture design but we're really talking about the design of the entire piece of software, including the user-interface or as you like to say in the design side, the user experience or U.X. And a U.X. design, I maintain, is a critical part of any system, including security systems, even security systems that are really only meant to be used by highly technical expert users. So if you have an I.T. system that helps monitor network traffic, if it's not usable by the people who are designed to use it or that it's designed for, then it's not going to actually help them do their job, it's not actually going to be successful as a piece of software. Re-emphasizing that design doesn't just mean architecture design, it may mean design also of the user experience. And I think it's really important when we're looking at the software design process to consider a partnership between the user experience designer and the software designer, including the security expert. So I think that it's important to look at the user experience from a security perspective and to look at the security from a user experience perspective, and that's one of the reasons that we advocate a deep partnership between security folks and user experience folks. That they collaborate on the design of the system from the beginning, but they try to understand one another's priorities and concerns and that they try and sort of use one another's language to talk about those priorities for the system. Cindy Ng: And when you talk about U.X. design and then design in general, what is the business value of a designer and why is that partnership so critical? Because these days anyone can install Illustrator or Photoshop and start drawing or creating or you can submit a request online for any kind of artwork to be created and within 24 hours, 48 hours you get what you requested. What's the difference between the kind of design I'm talking about versus a partnership? Scout Brody: Well my favorite analogy when talking to security folks about the importance of, you know, high quality in-house design, is to talk about cryptanalysis or cryptographic protocol design. We do not expect that a designer, a user experience designer or even an average sort of lay person software developer will be able to develop a secure cryptographic protocol. We don't say, "Oh but you know what, I have a terminal window, I've got a text editor, I can write my own cryptographic protocol, I understand prime numbers, I understand, like, the concept of factoring, so therefore I am totally qualified to write a cryptographic protocol." No. We also don't say, "Oh well but there are freelance people on the internet that I can hire to write my cryptographic protocols for me, so I'm just gonna, you know, outsource this on this site here, I need a protocol that allows me to change it in this way under these parameters, "Hey freelance cryptographer that I met on the internet, that I found on a freelance website, can you design this for me?" No, absolutely not. And why is that? It's because we recognize the value of the expertise that goes into designing a cryptographic protocol. We recognize that there are deep concerns, deep nuances that come to bear when a cryptographic protocol is put into place. There are ways in which it can break that are very hard to predict unless you have a lot of background in designing and analyzing these protocols. Although it's not quite as extreme when you look at U.X. design because there are certainly I guess probably more qualified U.X. designers out there than there are truly qualified cryptographic, you know, cryptographers. It is an important analogy to draw because we don't expect designers to do cryptography, why do we expect cryptographers or software developers in general to do design? I think that there is that sort of assumption that anyone can do design, anyone can pop open Illustrator and then come out with a user experience that is going to be workable. Or the expectation that you can just hire sort of a freelancer to come in and work for a two week sprint and put something out for your product, really underestimates the importance of the user experience design to the success of your product. I think that you look at all of the ways in which systems fail, security systems in particular, because security's way of talking about this is, "Oh humans are the weakest link." And I say, "No, it's not that humans are the weakest link, it's that the user interface that you have created or the human policies that you have put in place are broken." And that they're not taking the human system into account in the way that you need to. And that's exactly what U.X. designers can help you do, is understand. U.X. designers and researchers, can help you understand the users that are going to be using your system and help you can put in place interfaces and human processes that will allow them to be successful in using your system. Cindy Ng: You mentioned in a previous conversation we had about U.X. designers developing user personas, can you talk a little bit about why they're used in creating a product you might be building? Scout Brody: Yeah, so user personas are a handy sort of reference that is created out of a user experience research process. So the idea is that ideally, you know, U.X. designers or researchers have the opportunity to go and spend some quality time talking to people who would ideally be users of the system that's being designed. So if you're designing a system for system administrators like I mentioned earlier, to do network analysis, you know, ideally you'd have the opportunity to go and actually talk to these people. You know, go see them in their workplace, experience the challenges that they face, the things that they're concerned about, the tools that they use today, what they like about them and what they don't like about them. And ideally you would have the opportunity to talk to a great variety of folks who do these things. And on the upside of this research process, you would have all of this data about the various different people you talk to. And you go through a sort of informal clustering process to try and capture that data in a succinct way that the user experience designers can then move forward with their design, bearing all of that information in mind. And that sort of abstraction is called a user persona. The idea is that talk to 20 different system administrators from around the globe and you come out with four or five different user personas that sort of reflect the needs and challenges that those users face. So you might have a user persona named Annabelle, and Annabelle is a very experienced system administrator who is overworked because she has too many meetings and gets too many emails and too many notifications, and is really looking for a system that will help her sort of cut through all of the noise and really identify the important signals. And then you might have a user persona named Jim, and Jim is a more junior system administrator who has the time to really go through and read all every single email notifications and understand what it means, things like that, and really wants to be able to have lots of detail at his fingertips. So these are two distinct sort of personalities that are based in the actual user research that you did that help inform your design and end up allowing you to have sort of a shorthand to bear in mind each of these different users' needs as you're going through the process of designing your system. One really interesting and compelling idea that I've come across for the past couple of years is the notion of using user personas instead of cross-pollinating them with threat model. And the idea here is, okay you are a user experience designer and you have these different user personas that you're using to try and design a system that will work for a great diversity of users, can you also consider the possibility of having user personas for your potential attackers? So if you are working in partnership with your security professional who is working on a project, can you say, "Okay what are the threats that we think are facing our software?" Okay, we expect that there is going to be an attacker who is sort of a script kiddie persona. That there is going to be an attacker who is a nation state actor. We expect there is going to be a criminal, you know, organized crime attacker. And what are the different capabilities of these attackers and what is our system going to do, both at the architecture level and at the user experience level, to try and be resilient to these things? And I think it's a sort of interesting way of bringing the expertise and the structure from the two different domains, security and user experience, and working together to highlight the needs and vulnerabilities of a piece of software you're trying to develop and process.

google washington minnesota android ux processes photoshop illustrator ux design infosec usable security systems step verification simply secure

Their Story Chats at RSA Conference 2018 | Jay Kim from Data Locker

Play Episode Listen Later May 1, 2018 11:30

ITSPmagazine’s John Dasher chats with Jay Kim from Data Locker during RSA Conference 2018 in San Francisco to discuss how enterprises can take advantage of Data Locker’s “Simply Secure” innovative hardware-encrypted storage devices, device management, and their upcoming cloud encryption gateway. For more updates from RSA Conference 2018, visit www.itspmagazine.com/itsp-chronicle…nce-2018-recap

san francisco data locker rsa conference jay kim simply secure

Let's fix things 53 - Ame Elliot and designing security, live from ThingsCon

Let's fix things

Play Episode Listen Later Dec 7, 2017 20:36

This week Guus and Joe welcome Simply Secure's Designer Director Ame Elliot as a guest podcasting live from ThingsCon in Amsterdam. The three discuss the importance for designers to think about security as a design task and design competency. --- Send in a voice message: https://anchor.fm/letsfixthings/message

security amsterdam designing guus simply secure

Scout Brody on crafting usable and secure technologies

Play Episode Listen Later Mar 15, 2017 13:48

The O’Reilly Security Podcast: Building systems that help humans, designing better tools through user studies, and balancing the demands of shipping software with security.In this episode, O’Reilly Media’s Mac Slocum talks with Scout Brody, executive director of Simply Secure. They discuss building systems that help humans, designing better tools through user studies, and balancing the demands of shipping software with security.Here are some highlights: Building systems that help humans We tend to think of security as a technical problem and the user as the impediment to our perfect solution. That's why I try to bring the human perspective to the community. I think of human beings as the real end-goal of the system. Ultimately, if we aren't building systems that are meeting the needs of humans, why are we building systems at all? It's very important for us to get out and talk to people, to engage with users and understand what their concerns are. Designing better tools through user studies A powerful tool you can adopt when talking to users is cognitive walkthrough. In essence, you ask them to tell you what they're thinking as they're thinking it. So, if you're going to do a cognitive walkthrough for an encryption program, you might say, ‘I'd like you to encrypt this email message. Please tell me what you're doing as you're doing it and all of the thoughts that occur to you.’ You might hear someone say, ‘Oh, wow, okay, so I'm going to encrypt. I don't really know what I'm doing. I'm going to start by pushing this button because that looks good. That's green. I'm going to push that.’ You can really hear the thought process that people are going through. If you're in a more formal user study context, it can be useful to get the user's consent to videotape—not necessarily the person, but the screen—and see what they're doing because then you can play it for your colleagues. This is one of the most convincing ways you can make a case that your tool has problems or your tool needs improvement. Thus, just by videotaping people trying to use a tool and showing the challenges they face, you can identify ways to improve the user experience. Balancing security with shipping software Given my human orientation, I view software as a process, not a product. So, what are the human processes you can build in to make sure the security goals are met? To that end, you should be thinking about your developers and thinking about the people who are trying to get your software out the door. As human beings, what are the psychological components that you, as an engineering manager or a security advocate within your organization, can instrument to try to incentivize them to focus on security? It's a continuous effort, which makes it hard. It's challenging. But just like any kind of technical debt, if you don't chip away at it little bit by little bit, over time it will grow until it's a mountain.

technology building balancing secure designing crafting xd xa usable o reilly media simply secure

Scout Brody on crafting usable and secure technologies

Play Episode Listen Later Mar 15, 2017 13:48

The O’Reilly Security Podcast: Building systems that help humans, designing better tools through user studies, and balancing the demands of shipping software with security.In this episode, O’Reilly Media’s Mac Slocum talks with Scout Brody, executive director of Simply Secure. They discuss building systems that help humans, designing better tools through user studies, and balancing the demands of shipping software with security.Here are some highlights: Building systems that help humans We tend to think of security as a technical problem and the user as the impediment to our perfect solution. That's why I try to bring the human perspective to the community. I think of human beings as the real end-goal of the system. Ultimately, if we aren't building systems that are meeting the needs of humans, why are we building systems at all? It's very important for us to get out and talk to people, to engage with users and understand what their concerns are. Designing better tools through user studies A powerful tool you can adopt when talking to users is cognitive walkthrough. In essence, you ask them to tell you what they're thinking as they're thinking it. So, if you're going to do a cognitive walkthrough for an encryption program, you might say, ‘I'd like you to encrypt this email message. Please tell me what you're doing as you're doing it and all of the thoughts that occur to you.’ You might hear someone say, ‘Oh, wow, okay, so I'm going to encrypt. I don't really know what I'm doing. I'm going to start by pushing this button because that looks good. That's green. I'm going to push that.’ You can really hear the thought process that people are going through. If you're in a more formal user study context, it can be useful to get the user's consent to videotape—not necessarily the person, but the screen—and see what they're doing because then you can play it for your colleagues. This is one of the most convincing ways you can make a case that your tool has problems or your tool needs improvement. Thus, just by videotaping people trying to use a tool and showing the challenges they face, you can identify ways to improve the user experience. Balancing security with shipping software Given my human orientation, I view software as a process, not a product. So, what are the human processes you can build in to make sure the security goals are met? To that end, you should be thinking about your developers and thinking about the people who are trying to get your software out the door. As human beings, what are the psychological components that you, as an engineering manager or a security advocate within your organization, can instrument to try to incentivize them to focus on security? It's a continuous effort, which makes it hard. It's challenging. But just like any kind of technical debt, if you don't chip away at it little bit by little bit, over time it will grow until it's a mountain.

technology building balancing secure designing crafting xd xa usable o reilly media simply secure

The ThingCast - Episode 18 - Ame Elliot @ ThingsConAms 2016

TheThingcast

Play Episode Listen Later Dec 16, 2016 43:09

Design Director of Simply Secure, Ame Elliott is passionate about privacy, data protection and how can really small design decisions can have a huge impact on people's behaviour. She joined Simply Secure after eight years at IDEO San Francisco, where she led the discipline of Design Research and delivered human-centered tech strategy projects for clients such as Acer, Ericsson, and Samsung.

samsung ericsson acer design director design research simply secure ideo san francisco

Ame Elliot on designing for usable security and privacy

Play Episode Listen Later Dec 7, 2016 19:11

The O’Reilly Security Podcast: Designing for security and privacy, noteworthy tools, and the real-world consequences of design.In this episode, O’Reilly’s Mary Treseler talks with Ame Elliot, design director at Simply Secure. They discuss designing for security and privacy, noteworthy tools, and the real-world consequences of design.Here are some highlights: Designing for usable security and privacy Privacy and security are tightly interrelated. Privacy, or confidentiality, is one technical goal of security. Other technical goals of security include integrity and non-reputability. As a UX designer, I’m coming at this from a human-centered design perspective. I care about what end users experience, and privacy feels like the quality that people are looking for in an interaction. I would like to see designers working together with some of the fantastically talented cryptographers to make security usable and delightful so that end users can experience privacy. In order to do that, there's a real need to help users understand that privacy and security aren't necessarily the same. There can be opportunities for new interactions and new product messages to make it clear to end users who is accessing their data and to what purpose. That could be everything from privacy being a feature that a cloud service company promotes, to a secure system for end-to-end encryption in a messaging application. I would like to see a new class of interfaces that give people confidence and power about how their data is accessed and used. Promising open source options and other tools Right now at Simply Secure, we're choosing to partner with open source development efforts. There are a lot of things that are special and exciting about open source. I think designers who take a human-centered approach can benefit by being empathetic with their partners and empathetic toward the other people in their efforts, so it's not just a matter of how you can understand the needs and priorities of end users, but how you can understand the needs and priorities of the teams that you're working with so that you can come together toward a common goal. The Electronic Frontier Foundation has a score card out right now around secure messaging. There are some tools on there that are very rightly being called out and celebrated. For example, the Signal iOS app has been recommend by Laura Poitras, Citizenfour, and The Wall Street Journal. I have a ton of respect for what the Open Whisper Systems team is doing, including integrating into WhatsApp. I'm also just excited about mass market tools. Apple's iMessage is doing some really interesting things. The hope in using a variety of tools is that we can come up with solutions that are globally inclusive and can give a huge mass of people worldwide the ability to communicate securely and privately. Design has real-world consequences I've learned a lot from successes in health care and banking, and in transforming previously complex, off-putting, technical, irrelevant information into exciting and actionable information for end users. The thing that unlocked that change was design. I am optimistic about the role design can play in solving similar systematic challenges, like those found in security and privacy. One of the things that really influenced me in my journey toward working on security and privacy was Mike Monteiro’s 2013 Webstock talk, How Designers Destroyed the World. He gave examples of the ways Facebook users can make decisions that have drastic, real-world consequences to people's lives. That was pretty eye-opening for me and made me think, ‘Hey, these aren't just pixels on a screen. There are people behind these systems, and where designers are making questionable choices, there can be drastic consequences.’ I think designers do have a responsibility. User experience is critical. Design leadership needs to empower designers so they feel they have a voice and the agency to change the shape of a product and get the right values out in the world.

world apple design security wall street journal whatsapp designing privacy user ux promising xd o'reilly imessage electronic frontier foundation xa usable citizenfour laura poitras mike monteiro webstock simply secure open whisper systems

Ame Elliot on designing for usable security and privacy