If you do an Internet search on “usability and security,” most of the entries you’ll see are understandably focused on how to make choosing secure options or enabling security as easy as possible for end users. There isn’t much that bubbles to the top about the people who are responsible for data security in their organizations and their own user experience with the tools they use.

Talent Is a Precious Resource

I think it’s important that we consider these behind-the-scenes warriors and what can be done to ensure their skills are being used to make the greatest impact. The good guys are fighting an expanding war on multiple fronts, minimizing risks from cybercriminal organizations to nation-state attacks.

This has led to a war on talent for good security personnel both in government and in the private sector. Security organizations must be effective in bringing on new talent and support them by providing interesting projects with measurable impact — and investing in the tools these workers need to be effective and efficient.

Use Brains, Not Brawn

I work in the data security space, and we are still seeing organizations relying on manual processes to synthesize and create reports from their database audit logs. Not only is this approach slow, but it’s not interesting work. When you want to hire security talent, they need to feel that their work is interesting and valuable.

Panelists at a Financial Services Roundtable event “cited talent as one of the most critical factors in the war against cyberattacks” and noted that “the best analytical engine is the human brain,” according to The Wall Street Journal. That was especially true “when deployed in concert with advanced analytics, data visualization and other information management tools that comprise an effective cyber risk architecture.”

So why not take advantage of your talent’s brains? Use a data security platform that does real-time user activity monitoring of databases, files and big data platforms, and then layers on top of that the analytics, associated visualizations and search capabilities that help with risk identification and forensic analysis.

In addition, make sure that the whole system has automation capabilities to avoid the tedium of repetitive tasks, and that it can integrate well with other security and operational systems to avoid gaps in security coverage and enable holistic security intelligence. It should also include a guided workflow to help both new and experienced personnel get the job done more quickly and with less room for error.

Encourage Participation by the Business

Some people involved in cybersecurity don’t necessarily have interests or backgrounds rooted in IT; they represent the business interests instead. Such workers should be able to log into the security platform and see only what they need to see, such as required reports or their to-do lists.

This is where customization of the interface comes in. It can help these people get in quickly and do what needs to be done without having to memorize a sequence of events or have a cheat sheet on their desks. Not only does this make your staff more efficient, it ensures appropriate separation of duties by providing granular control over who sees what from the security platform.

A Major Step Forward in Usability

Some data security and protection tools have a long history of automation capabilities and integration capabilities. IBM Security Guardium has given itself a makeover and delivers significantly improved usability, with more improvements on the way.

Download the IBM Security Guardium Data Activity Monitor data sheet

more from Data Protection