Plain Language: A Key Element of Friendly Business IT and Cybersecurity



In my halcyon days of yore—known to most of you as the 1980s—I happened to get to consult with two of the greatest software visionaries you’ve probably never heard of. Here’s who they are, and why they matter to your IT and cybersecurity management efforts.

Two visionaries, one vision: simplicity

One was Paul Heckel. Paul wrote a book that I submit is still a worthwhile read if you can find it. It’s called “The Elements of Friendly Software Design.” Paul, who also worked at Xerox Corp.’s famed Palo Alto Research Center (PARC), turned many of the concepts from his book into a product called Zoomracks. The tool was an early personal information management system that used a then-innovative interface that mimicked filing cards in racks, a popular manual system at the time. It stored everything as plain text, and made it easy for users to scan racks and cards visually, then “zoom in” on the specific information they were seeking. In 1989, Zoomracks was named “Best Database” by Compute! magazine, but then faded into obscurity (and several contentious lawsuits about which you can read more at Wikipedia).

The other visionary was James Edlin. He co-created WordVision, one of the first fully-featured, visually oriented writing tools for the then-nascent IBM PC. The software used a colorful representation of playing card suits to group writing and editing functions logically, and did “WYSIWYG” (“what you see is what you get”) better than anything else at the time. WordVision was simple for even PC newbies to install and use. To quote a 1983 InfoWorld review from the Google Books archive, “You [didn’t] have to know your DOS from your elbow.” And it was priced at only $79.95.

Both Zoomracks and WordVision had one major common characteristic too many IT and cybersecurity tools and implementations lack today. Each was designed from the outset to interact with non-expert, non-technical users in plain, easily understood language, whatever task those users were attempting to perform. From “quick start” installation guides through on-screen prompts to error messages, each made it almost impossible for users to get lost, confused. I watched a lot of people noodle with each product, and never saw anyone be frustrated into the “rage quit” state all too frequently found in today’s video games—and, sadly, too many business applications.

Three things to do now

Here are three simple, effective steps IT and cybersecurity teams can take immediately to bridge the gap between plain language and confusing jargon. Steps like these can improve both user productivity and perception of those teams.

  1. De-obfuscate frequently encountered instructions and error messages. (Ask your users. They’ll be glad to tell you.)
  2. Create brief, clear “cheat sheets” that include all the steps for frequently performed tasks and tell users specifically where and how to get help if they need it. (“Read the manual” and “Call tech support” are just two examples of what not to tell those users.)
  3. Try to include at least one tip or trick in every non-emergency-related communication with users. Such as that coordinated, repeated cybersecurity training and outreach you’re already or about to start doing. (Some of those users can even provide guidance and contributions here, if asked nicely.)

Plain language. A powerful, underused tool that can improve users’ productivity, experiences, adherence to IT and cybersecurity policies, and perceived value of IT. Might even help to reduce helpdesk calls, too. Why would you not use it?

If you want to check out some good examples of communicating about cybersecurity and IT in plain language, start right here. Explore our posts on asset management, ransomware, security management, or systems management. Then explore the plain-language benefits of our solutions, online or by contacting your LANDESK, AppSense, or Shavlik representative.