When it comes to human needs, security shows up as somewhat essential. In the study of human psychology, basic security forms the foundation on which more aspirational needs and wants rest.
Great things are supposed to happen when “the mind is without fear and the head is held high.” In that sense, providing for security seems like a foundational aspect of how we should conduct ourselves. Yet, in IT endeavors, security remains an afterthought, and often only a nice to have.
Teams want results. There is also an inherent need for speed, and security often comes in the way. Why bother scaling and securing something that is experimental and throw-away? Aren’t we supposed to avoid premature optimization and grandiose upfront design and let it iteratively evolve, the agile way?
The best designers, however, ought to not ignore security/scale when developing systems that will have some permanence and value longer term. It is important to lay the foundation right for future value to be developed in order to allow for unhindered creativity to nurture – thus creating further value in the process.
There are also other connotations to security – for e.g. worries that you are always being monitored and that big brother is watching. It is seen as being in conflict with privacy, and often in conflict with the need for people to build and use open systems that are fun and hackable.
However, a one-size-fits-all approach doesn’t work. There have to be different solutions for different occasions. While it is ok to want to hack a system you own, it is not ok to expect the manufacturer to support the customized or hacked version (think iPhone jailbreaks). The choice and power needs to be democratized and placed where it belongs.
The choice of keeping a system open for modification vs. closed for access has to be made by the rightful owner. In that sense, a potentially open system need not be insecure by design. An auditable system need not exist for the sole purpose of big brother to watch over your shoulders. Security knobs should exist for the rightful owner to exercise their wisdom, and face the consequences of the choices they make. And for that, security needs to be made table stakes and easier to incorporate than it has ever been. People should be able to start with easy to use foundational security that grows along with their needs.