I live in an estate that is close to the sea. Because the waterfront is largely ungoverned, wanderers often set up makeshift tents for shelter there. If turning the beautiful seaview into a shanty were the only problem, it wouldn’t be so bad. However, some of these guys would sometimes jump the estate fence into my estate to engage in petty theft.

The first time I witnessed this, I had woken up to find a gentleman struggling to move the gas cylinder placed in my yard. The dexterity with which the gentleman jumped the fence when he noticed a moving figure was nothing short of spectacular. I would have allowed him to take the cylinder away for such an acrobatic display if he had waited 😁. Having witnessed this, I called someone to secure the cylinder, made a mental note not to leave valuable assets in the yard, alerted my neighbours to stay safe, and moved on.

Soon, my neighbours started reporting similar incidents. After a while, someone suggested we add an extra layer of electrical wires and bottles to the fence, which I obliged and paid the artisans to fix. Thankfully, I decided to see what the artisans have been up to after some time and noticed that they had also gone ahead to mould extra bricks on the low fence demarcating my yard and my neighbour’s.

When I saw it, I asked them to remove it, even though they had moulded up to four rows, despite their much hesitation and reluctance. I asked them to remove the “security wall” for several reasons. One, I don’t like confined or small spaces, and if I had my way, there wouldn’t be fences in the world. Two, it felt weird to create an extra barrier between myself and my neighbour, and lastly, as I mentioned to the artisans, raising the fence between myself and my neighbour is not going to stop anybody from getting in, so why deform the space for no reason?

Does this mean I am not security-conscious? No. I mentioned earlier that I had secured the only valuable item I have there. Am I ruling out the chances of theft? No. What I have done is to ensure that petty thieves don’t have their way while maintaining a pleasant environment for me. For the bold thieves, I expect the estate security to take care of them, and for the gun-blazing real thieves, I expect or imagine that the government should take care of that with its security architecture, and believe in God’s protection.

I have laid this background due to recent heightened security awareness, which by itself is a good thing. However, my appeal is for knowing where to draw the line between security, irrational apprehension, and a pleasant user experience. As product owners or managers, people will come up to you with suggestions on how to “heigten the security” of the product. Your job is to know where to draw the line.

Back to the scenario I painted about expecting the estate security or government for protection, platforms and systems are working tirelessly to protect us from harm on the internet, and it takes minimal effort for any responsible user to stay safe online.

For instance, email services like Gmail are using advanced algorithms beyond the capacity of the Ikorodu hacker to detect and block suspicious emails. If an email is sent from an untrusted domain or a domain that doesn’t match the sender’s usual location, Gmail will alert you and ask if you’re sure you want to proceed. This added layer of security helps prevent phishing attacks and keeps your inbox safe from spam and malware.

Messaging Apps like WhatsApp have implemented measures to protect users from unwanted messages and calls, giving you control over who can contact you.

Most macOS and iOS devices have built-in security features that prevent users from installing untrusted apps, meaning you can only install apps from the App Store or trusted developers, and that additional verification is required to install them, reducing the risk of malware and other cyber threats.

Almost all platforms now enforce two-factor authentication (2FA), adding an extra layer of security to the login process, ensuring that even if a hacker gets hold of your password, they won’t be able to access your account without the second factor, which is usually a code sent to your phone or a biometric authentication like a fingerprint or face recognition.

So why do people still get “hacked”? Hacked in quote because if someone takes control of my Grandma’s Whatsapp because my Grandma sent the “Ikorodu hacker” who claimed to be from Meta her Whatsapp OTP, should Meta introduce another layer of security, “maybe 3FA” as a response to that, or educate my Grandma about not sending OTPs or codes to anyone?

Security is not just about building walls; it's about striking a balance between protection and user experience. Most people get “hacked” not because of a lack of security measures, but because of human error, weak passwords, and sharing sensitive information with strangers, and definitely not because the average Ikorodu has any special skills or resources. The chances of surviving an actual “hack” or espionage from a well-resourced state-sponsored institution are next to nothing, even for the most careful individuals.

In the end, it’s not about the Ikorodu hackers, or any other group of hackers for that matter. It’s about us, and how we approach online security. By striking a balance between protection and user experience, we can create a safer and more enjoyable online environment for everyone.