Are you as safe online as you think you are?
A recent survey of users reveals a troubling disconnect
There's a security disconnect in the online public, according to a recent survey of Internet users.
A preponderance of users said individuals are responsible for their own security when online, and more than half reported that they had a complete security suite on their computers (at least on their desktop PCs). But a follow-up scan of configurations showed that only 37 percent were running a full suite of tools.
“It’s an emerging world,” said Michael Kaiser, executive director of the National Cyber Security Alliance, which commissioned the survey. “People feel a strong responsibility, but it takes time and education.”
Kaiser takes an optimistic view of the results. People are becoming more aware of security problems and are acting more responsibly and the tools are becoming better.
How do you measure IT security?
Which products top the list of security concerns?
Unfortunately, the sophistication of online criminals appears to be keeping pace with that of Internet users, and the functionality of increasingly mobile online devices could be outpacing our ability to secure them.
“People aren’t as aware of the risks that exist on mobile devices yet,” Kaiser said. But they seem to have an instinctive understanding of those risks. Although 85 percent of respondents felt that their desktops were very or somewhat safe, fewer than half had the same level of confidence in their mobile devices.
The bottom line: The Internet remains a scary place. Only 5 percent of respondents said the Internet is safer today than it was a year ago, and 21 percent think it is less safe. More than two-thirds say it is about the same.
The study of 3,498 Americans was commissioned by NCSA and conducted by Zogby International. Norton by Symantec conducted follow-up scans of 400 computers.
Part of the apparent disconnect could be confusion over what constitutes full security for a networked computer. Most people are running a handful of core tools, such as a personal firewall, antivirus and anti-spyware toold, Kaiser said. But basic protection now should also include tools to combat phishing as well as e-mail message filtering and management and identity protection.
The list of tools needed for protection online is growing, but the tools also are becoming more automatic, with features such as default updating, and are being built into applications such as browsers. However, users still must assume responsibility for the use and maintenance of these tools, and exercise caution in their online behavior.
We cannot expect consumers to assume full responsibility for their own security, however. Most have too little understanding of the technology and little patience for using it. Security tools must become even more automatic and better integrated into products, like the air bags and anti-lock brakes on cars. And, also like cars, people must operate them safely.
The survey showed little appetite for government regulation of Internet security. This does not mean that government regulation has no place on the Internet. The government establishes certain requirements for the safety of automobiles on the road and for operation of them. There is no reason why baseline security requirements cannot be established for operators of the information superhighway.