Virtru was on the ground this month at the 2019 USENIX Security Symposium to participate in a series of events and connect with key partners in the fields of usable privacy and security. As the leaders of Virtru’s user experience and data science teams, we were both excited to dive into complex discussions and workshops with other researchers on topics like designing for usable privacy and secure data-sharing practices.
In addition to the many workshops, papers, and poster sessions, we were honored to be selected to give two talks at the event.
Jim gave a talk at the Symposium on Usable Privacy and Security (SOUPS ‘19) about growing UX as a discipline in a security and privacy organization. When Jim joined Virtru one year ago he needed to quickly hire a team, and put UX tools and processes in place to align with the organization’s iterative product development process and strategic goals. In his talk, Jim shared tips for developing a UX team’s charter, building executive buy-in, hiring designers, and establishing the design process. He also described how his team developed a design system called Virtuoso, which allows designers and developers to not only create new interfaces faster, but also help integrate requirements supporting regulatory compliance, accessibility, localization, and mobile form factors. Finally, Jim outlined how his team defines and designs for different types of customers, referencing Virtru’s definition of usable encryption and adapting Maslow’s hierarchy of needs to security and privacy interfaces.
Meanwhile, Jack gave a talk on secure data collaboration at the 2019 Summit on Hot Topics in Security (HotSec ‘19). Jack’s talk focused on the problem of data scarcity and the lack of opportunities for meaningful collaboration between external partners due to the limitations of existing privacy and security solutions. Understandable concerns about protecting sensitive data have prevented the vast majority of vital research data from being shared, even in cases where organizations or groups may want to collaborate and benefit from increased access to data. This state of scarcity has effectively created a “data desert” when it comes to accessing representative samples that might help researchers and defenders build better products, detect privacy breaches and even save lives. During his talk, Jack shared some exciting new projects on encrypted data sharing that Virtru is currently leading in partnership with two U.S. hospital systems. The goal of this emerging work is to enable each hospital to share their cardiology computer vision datasets using a secure, privacy-preserving control framework for who has access to what data over time. By using Virtru’s Trusted Data Format (TDF) technology to protect and share their sensitive data, each hospital will help improve the training of their machine learning models used in early detection systems for cardiovascular attacks, leading to fewer patient deaths.
Both of our talks centered on the opportunities for unlocking the power of data by leveraging Virtru’s open TDF technology to enable secure data collaboration between people. Individuals and businesses rely on the internet for so many things, which also means that the security mechanisms that are protecting users are becoming more and more important. Data must be securely shared and collaborated on in novel ways for innovators to build new disruptive products, conduct large-scale user studies or maintain a competitive position in today’s business environment.
Other major themes covered during the symposium included the need for more collaboration between technologists, academics and reporters around topics related to privacy. Securing and encrypting IoT data networks was also a critical priority identified by both researchers and industry practitioners.
The mission of USENIX Security and its associated conferences aligns closely with the work we are doing here at Virtru: bridging usable security and privacy with the opportunity to share and collaborate on data with anyone, anywhere. As part of this mission, Virtru recently released our SDK and Virtru Developer Hub, allowing anyone to add object-level data protection to existing infrastructure, applications and connected devices with just a few lines of code. We look forward to additional opportunities to talk about Virtru at future events.
Jack Britton is Head of Data Science at Virtru.
Jim Lane is Vice President of User Experience at Virtru.