User security behavior
Download
1 / 16

- PowerPoint PPT Presentation


  • 305 Views
  • Uploaded on

User Security Behavior Denise Anthony PKI Unlocked Summit Dartmouth College July 2004 Computer Networks Collective resource systems Produced and maintained by multiple actors; Individual behavior effects integrity of system virus exposure unauthorized access

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '' - Albert_Lan


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
User security behavior l.jpg

User Security Behavior

Denise Anthony

PKI Unlocked Summit

Dartmouth College

July 2004


Computer networks l.jpg
Computer Networks

Collective resource systems

  • Produced and maintained by multiple actors;

  • Individual behavior effects integrity of system

    • virus exposure

    • unauthorized access

      Feels like consuming a private good


User surveys l.jpg
User surveys

Dartmouth students:

  • April 2003: Computer use and security behavior

    • Representative sample of 171 undergrads

    • Method: on-line survey

  • November 2003: Use of Wireless and Wired networks

    • Total of 247 undergraduate and graduate students

    • Method: paper survey

    • Conducted by student Emiliano Trere from University of Bologna in Italy

  • 20 in-depth interviews

    Nationally representative data from UCLA Center for Communication Policy www.ccp.ucla.edu



Basic use statistics l.jpg
Basic Use Statistics

  • 99% use email daily

    • ~95% use home-grown Blitzmail program

    • Primary medium of communication on campus

  • 70% browse the Web at least 1 hour/day

  • 67% P2P file-sharing in average week

  • 90% purchased on-line in last 6 months

  • 78% use both wired and wireless networks

    • Over 2/3 use wireless on almost daily basis

    • 22% no wireless: lack of technology, seniors


Virus protection l.jpg
Virus Protection

  • 87% have anti-virus software loaded on their computer

    • 2/3 of them scan for viruses at least once per month

    • About 40% up-date their anti-virus software at least once per month


Password security l.jpg
Password Security

  • 75% have shared their password

    • Over 50% did NOT change it afterward

  • Nearly two-thirds never change password

  • 36% use same password for all apps/sites

    • all websites that require password

    • no distinction between secure (SSL) and non-secure websites



Security concerns l.jpg
Security Concerns

  • About half concerned about PRIVACY on WWW

  • More than half concerned about SECURITY of information on WWW


Web security how do users think about website security implicit t rust and experience l.jpg
Web security?How do users think about website security?Implicit trust and experience

“If [a website] mention[s] they are secure…I usually trust it.”

“I don’t really think about it, but when the windows pop up saying I should do something, I always say yes.”

“All the websites I use are secure, and everyone else is doing it [without] a problem.”


Web security how do users think about website security use brand name sites reputation l.jpg
Web securityHow do users think about website security?Use brand name sites - reputation

“I just order from Amazon and places like that.”

“I use it if it is an official site of a major company.”

“I would never order stuff off a website that looks like its program could change…you know, a crappy website.”

“I trust Norton to do it for me.”


Slide12 l.jpg
Security Behavior OnlineHow often check browser security signals when submitting sensitive information?




How concerned are users l.jpg
How concerned are users?

2002 National data (UCLA):

54% very/extremely concerned about privacy when purchasing online

11.2% not at all (up from 5.5%)

Non-purchasers (58%) more concerned than purchasers (33%)

New users (65%) more concerned than experienced users (47%)

Methods to reduce concerns:

23% Nothing!

6% better technology

27% guarantee/3rd party verification/Gov regulation


Implications l.jpg
Implications

  • Not evaluating security of websites

    • Don’t use security signals

      • Don’t know what to look for

    • Engage in un-secure behavior

  • Users already ‘trust’ infrastructure

    • Rely on reputation of company

    • Expectation that technology is secure

  • Want ‘assurance’ that system works

    • Third party incentives/regulation of security


ad