I am a believer in the power of “media 2.0” (or whatever name you happen to like calling it). I really enjoyed reading All Software Should Be Social – it really hit home with me in terms of thinking about how to create a more personal approach to really anything. This quote really made sense to me:
Since reading that, I can barely use software that doesn’t have other people in it. I want profiles and faces and connections. I want to see what others are doing with the software. I want to connect and be connected.
I believe we need to take a similar approach with respect to how we protect information (practice security). When we call it “security”, it feels sterile, cold and heavily focused on technology. As a result, I think we have ironically made it easier for others to simply declare security “not their problem” and move along. They wait for someone else to help – without the need of having to take personal responsibility.
So I ponder – what if we leveraged the power of social media, media 2.0, web 2.0, or whatever you like to call it – and focus on the success. Rather than focusing on the specific technologies (RoR, ajax, etc.), what if we focused on design, ease-of-use and the ability to connect our concepts to people in a way they understand. What if we did this in a way that makes the protection of information personal again? I bet we start to see less breaches, people happier and we make a difference.
This is why the initial framework I proposed was called “security 2.0” – but it’s getting a new name and I’m about to announce a project to involve others in defining what the future of our practice of security looks like. I’m really excited about the future of what we do – and am working on some plans to help make this easier for us to be successful!