View from India: Secure design is here to stay
Skill, diversity and scale are among the several factors that contribute to the design ethos. Since design involves inputs from a cross-section of professionals, it’s essential to build systematically secured software right from the pre-deployment phase, a design conference has heard.
When we look at security across the design horizon, it’s a challenge to create a synergy between security and user experience, more so as the latter determines the design capabilities. “The threat landscape in India is characterised by cyber attacks; and when the cause is detected it involves money to set things right. And sometimes security-related costs are higher than the actual product or service,” said Venkatasubrahmanyam Krishnapur, engineering VP and managing director, McAfee, addressing the audience at Design4India, a NASSCOM initiative.
At a rudimentary level, security is thought of as a speed-breaker, whose pop-up mechanisms hinder the workflow. But the bottom line is that we need security because connected devices are prone to cyber and security threats. The number of connected devices and smart gadgets like wireless cameras, smart padlocks and children’s toys has increased exponentially over the years. Likewise, the volume of cyber attacks has also swelled up.
“According to the Software Fail Watch Report released in 2018 by Tricentis, the leader in continuous testing, software failures resulted in financial losses to the tune of $1.7tn last year,” revealed Krishnapur. “The number of reported failures was 10 per cent higher in 2017 than in 2016. Going by the magnitude of revenue loss, the design agenda needs to incorporate security into the software development cycle,” he declared.
When we look at the software development cycle, validation mechanisms should be leveraged to validate the data. Invariably when third-party applications are integrated into the software, there’s a risk of introducing malware. To give an example, various materials are used to design a product. When these materials combine with other raw materials, they may be prone to hazardous risks (which may not be the case when these materials are in their raw form). Or even the use of components with known vulnerabilities can lead to a security risk. A risk assessment should be performed in order to gauge safety factor.
Technologies such as machine learning (ML) deep learning (DL) and artificial intelligence (AI) along with data provide a huge opportunity in terms of what analytics can do. When narrowed down, it helps in pattern recognition. As a natural progression, products that follow voice commands can be developed.
Functionality of design and the data needs to be safe. With this, come other highlights. Security should take design to the next frontier with authentication features like voice/face recognition software, calibrated to recognise an individual’s voice/face. Theft of intellectual property (IP) and counterfeiting are among the major threat concerns across verticals. Security control mechanisms should also take into account IP rights, privacy and confidentiality.
Other aspects include password protection. “If a smart home is poorly configured, and an Alexa follows voice instructions to open the door, make sure that you are the owner of the house and the door doesn’t open to welcome strangers through automated instructions,” Krishnapur warned.
Designers should leverage security for business benefit but also ensure that the design is user-friendly, and carries the promise of ease of use. “Good design is paramount in service offerings. Design will impact data analytics, smart hardware and web interfaces,” reasoned Ravi Gururaj, founder & CEO of Qikpod, and NASSCOM executive council member.
In an effort to augment the software product innovation ecosystem in India the NASSCOM Design4India Studio was established in Bangalore earlier in the year. In association with Facebook as lead partner for Design4India and WeWork as the collaborative space partner, the NASSCOM Design4India Studio is conceptualised as a dedicated design studio for web, mobile, augmented reality and virtual reality platforms for start-ups and designers.