Lessons from Architecture School for IoT Security

Software is impermanent; its underlying code will always need updating. Architecture is enduring, meant to last for generations. But both strive to be intuitive, and architecture can teach security and UX professionals how to build IoT applications that balance seamless experience and upgradable infrastructure.

Security for the Internet of Things (IoT) needs design, and appropriate complexity is the key UX challenge for IoT. Architecture school teaches problem finding over problem solving and prepares professionals to work on complex systems.

Summary: Start with people in context, understand unspoken needs, homes are more than houses.
Summary slide from presentation at O'Reilly Solid in 2015. All slides are available for download.

Our three-part series discusses how lessons from architecture school can inform IoT security.

Lessons from architecture school for IoT security

Related

Professional Knowledge and IoT

This year's Consumer Electronics Show (CES ‘17) showcased numerous internet of things (IoT) devices but was found wanting when it came to security concerns. In his UX of IoT report from CES, Scott Jenson assesses that “companies really, really, REALLY want to make home automation systems,” but how can we begin to consider the ethics when developers don’t even consider security risks? IoT systems pose two security challenges. First, they can be manipulated as surveillance infrastructure to target vulnerable people.

One Phish, Two Phish: Security for Designers

Most people who spend time online have a general idea of what "phishing" is, but it can be hard for folks outside of the security community to pin down an exact definition. Understanding the threat that phishing attacks pose can help designers and other UX experts become effective advocates for experiences that protect users. In this post, we will explore the basics of how phishing attacks work, and in a follow-up post, we will examine some of the mechanisms that protect users against them.

Essential Non-technical Skills for Working in Security

Building trustworthy technology requires more than technical expertise. Interaction design, service design, brand strategy, and writing are needed.