Author: Rob Broadhead

  • User Experience Should Always Be High Priority

    User Experience Should Always Be High Priority

    The User Experience aspect of applications is often on my mind. I am not a designer, but even the most simple solutions can be rendered unusable when one ignores UX.  A recent experience with a front-end to a web app. Reminded me of how bad it can be for a user.  My frustration ran high, and I would have walked away never to view the application again if I had the chance.  Likewise, I will complain to anyone who will listen about the experience and may sour others on it.  That is the last thing anyone wants for any application.

    The Intro – How I Got There

    Allow me to set the stage for this little drama.  I recently took a certification exam from the comfort of my home.  It has its annoyances but does save me a drive back and forth to a testing center.  There is a validation step to prep and ensure your environment meets the requirements as well as checks to avoid cheating.  Once you are validated, a proctor connects via text, does a few last-minute checks, and then your machine is sent the test.

    Overall, this is a good system, I think, and probably does a good job stopping people from cheating.  This solution is a good one in this case.  However, the experience I had leads me to think I will never try that again.

    A Bad User Experience

    The steps before the exam are where I had all my frustration. The exam process and experience was exactly what I expected.  We will start with the preparation step.  When you start into the prep process, you are given a nine-digit id to link uploads to the system.  You are sent a link on your phone, so you can take pictures and send them to the site.  The photos include the front and back of your picture ID (driver’s license) and then four to cover the front, back, left, and right view of your work area.  So far, so good.
    The upload process tells you what picture to take, flips to your camera app, then you click a button to submit.  The user experience gets bad quickly at this point.  There is no explanation about the pictures other than what I listed above.  I have no idea if you have to take a specific layout or from a certain distance.  It gets worse.  If there is a problem with the photo upload, you are taken back to the screen to enter the nine-digit ID and forced to walk through the screens again.  There is no error message or indication of what went wrong.  It does save pictures previously loaded, so at least once you get a successful upload, you do not have to re-enter that picture.

    A Painful Design

    The preparation process I listed above gets repeated precisely the same way when you log in to take a test.  You have to send an ID again and all of the pictures of the environment.  A bad UX is doubled down on.  This becomes more frustrating when the proctor has access to your machine camera and will likely ask you to pan it around your work area.  Thus, confirming a third time that you have a valid environment (no notes on the desk or anything like that).
    The same message-free process is used again, so in my case, I spent around forty-five minutes retaking those twelve pictures.  I lost count of how many times I took each, but I think I attempted each one at least three times.  It is more frustrating because it was not an Internet connection on my end.  I had stable and reliable high-speed connections throughout that time.

    A Moral To The Story

    I mentioned that this solution as a whole is awesome.  It is also one that was critically needed in a time of social distancing and stay-at-home orders.  It allowed me to get a certification test done much sooner than I would have otherwise.  I appreciate that.  However, a user experience that has a user in limbo for over a half-hour is far from good.  I think all of us would be happy to walk away from that experience.
    In this case, that validation process was a small part of the overall solution.  You may have seen features like this that are a registration, login, or even close account solution.  These are small parts of the overall solution and often seen as not integral to it.  For example, I often work on MVP solutions that ignore some of these “minor” features and even downplay the overall UX.  That is a dangerous approach to take.  Consider how much damage this bad experience for me will translate into bad feedback spread to others.  That should make you think twice before lowering the priority of the UX for your solution.
  • Why Security Awareness Matters To You

    Why Security Awareness Matters To You

    In the last few years, the idea of security awareness has risen to at least being on the radar of many CIOs. However, the general concepts around this topic are not seen as important enough to many outside of the IT world. The threat of cyber-based attacks is a reality for all of us. That alone makes this a subject we all should be concerned about. It is worth our time and investment to put a good program in place.

    Security Awareness is Affordable

    I find that too often security implementation and its high costs are confused with awareness. This is similar to thinking that educating people on health issues is the same as treating those issues. However, there are substantial security awareness programs like Ninjio, Know Be 4, Secure ED, Security IQ, and Media Pro that are professionally created, high-quality, and cost around a few dollars a month per person. Think about those costs. A family of four could take advantage of a SA program for roughly ten dollars a month. You may laugh at the family idea but how many children now are almost always connected and have access to texts, email, and social sites?

    The cost of falling into a scammer trap can quickly climb to scary heights in time and money. That risk alone should make you rethink the value of a SA program. Likewise, the fortune you save may be your own.

    It Is Constantly Evolving

    Even IT professionals can fall for phishing scams. Yes, read that again. Your daily work in the IT world does not make you automatically protected from scams. There is always a new scam out there, and knowledge is critical to avoiding them. For example, have you heard of scams where people buy a house and find out they did not buy a house? Instead, scammers walked off with the money. There are too many new ways for people to trick you to keep up with the latest approaches. That is where SA comes in. You have people working to inform you of the latest scams, test your knowledge, and even test that you paid attention to the material.

    How Does It Work?

    At this point, I hope you are at least considering checking out some security awareness programs or asking your IT leadership to do so. That means you are wondering what to expect with such services. The good and bad news is that they are all very similar. That is good because of so many excellent options. It is bad because it can be hard to choose. Most programs send material on roughly a monthly basis. This is often an email of some sort, and most include a video tutorial that goes over the latest things to look for. This may seem tedious and boring. However, the videos are usually ten minutes or less and can be highly entertaining. Some are even produced by entertainment writers like those that put together the shorts on Saturday Night Live and similar television shows.

    The videos/content is just part of a good program. You will also periodically be sent phishing emails, phone calls, or texts to help expose you to the kind of things to watch out for. If you fall for the scam, then you are sent a “you should not have clicked” form of email or message that educates you on how to avoid such things in the future. This combination of educational material and practical testing has been shown to reduce the effectiveness of all forms of scams dramatically.

    I Want To Learn More

    Here are a few links to help you get up to speed on security awareness programs and vendors.

    https://www.itgovernanceusa.com/security-awareness-program

    https://www.infosecinstitute.com/iq/awareness/

    https://www.knowbe4.com/

    https://ninjio.com/

    https://www.mediapro.com/security-awareness-trainingpack/

  • Effective Planning For The New Year

    Effective Planning For The New Year

    Ah yes, another new year has come upon us. I have spent a lot of time on our mentoring site (https://develpreneur.com) talking about the value of steady progress and intention as we strive to meet goals. Although there is much to be said about effective planning and review on a regular basis, the beginning of a year often seems the most comfortable starting point.

    Invest Time For Effective Planning

    The first thing that is important and natural to do at the beginning of a year if planning. It is one thing to list out some goals. As you know, it is quite another to create a plan for achieving those same goals. Nevertheless, this is a necessary and healthy process. When we take the steps to pull goals out of the clouds and ground them in reality, our path becomes clearer and those milestones have a greater meaning. This can be lost in corporate planning sessions where big is the word of the day. Thus, we should follow our “what” with a realistic “how.”

    For example, we can set a goal to increase our customer base by fifty percent this year. That is admirable and looks good on paper. However, how are we going to achieve that? There will likely need to be quarterly goals that will keep us on track as well as service, product, and resource adjustments that come with such a goal. Once we look at the reality of achieving that goal, it may be almost out of reach.

    Grow As A Body

    That is a challenge in growing a business. There is almost never only one or two factors in growth. A business grows as a whole. It is like a human body. You would have a tough time if your legs grew from birth to adult size before the other parts of the body did. Our professional goals are often similar. We have to grow in multiple areas in concert. It does not make sense to have an incredible product but no sales or marketing resources. Likewise, a world-class marketing team is going to struggle in selling a non-existent (or highly inferior) product.

    Steady Steps Can Carry You Great Distances

    These challenges are where effective planning pays a solid dividend. Those impressive goals have a number of prerequisites we will need to tackle to achieve success. Our planning will help us validate our plan and plot a course that seems much more realistic. This is the idea of eating an elephant a bite at a time. When we break down the big goals into the smaller steps we can break them down further into weekly or even daily steps and milestones. This approach avoids a feeling of some sort of death march and gives us regular “wins” to keep a sense of progress throughout the project It is a way of thinking that makes many software teams choose an Agile approach. However, this works for much more than IT projects alone.