Computerworld

Google: Users still aren't getting message about online security

Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.
  • Jon Gold (Network World)
  • 24 July, 2015 02:18

Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.

The importance of regular software updates is apparently lost on a large proportion of Internet users who aren't security experts, the survey found. Just 2% of non-experts said that routinely patching software was high on their list of security priorities, compared to 35% of experts.

+ ALSO ON NETWORK WORLD:Hacker: 'Hundreds of thousands' of vehicles are at risk of attack | How to check if you've been attacked by Hacking Team intrusion malware+

In fact, the researchers wrote in a blog post, many non-experts were concerned that software updates could themselves pose a security risk. "I don't know if updating software is always safe," said one respondent. "What [if] you download malicious software?"

By contrast, non-experts were much more likely to list anti-virus software as one of their most important safety precautions, despite the fact that such software, by itself, doesn't provide a defense against many of the online threats they face today. While just 7% of experts said anti-virus software was one of their top three precautions, fully 42% of non-experts rated it that highly.

There was, however, some common ground. Both groups listed strong password management as a key part of staying safe online, even though experts were much more likely to use dedicated password management apps than users.

By and large, however, Google's researchers say their data shows that, despite years of breaches, hacks and privacy violations of every imaginable kind, the best security practices are still not generally understood.

"Our findings highlight fundamental misunderstandings about basic online security practices," they wrote. "Software updates, for example, are the seatbelts of online security; they make you safer, period. And yet, many non-experts not only overlook these as a best practice, but also mistakenly worry that software updates are a security risk."