Endpoint
2/7/2013
08:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Microsoft Computing Safety Index Shows Consumers Do Little To Change Online Habits Despite Multiple Risks

Global index shows need for more diligence in protecting personal information at home and on mobile devices.

REDMOND, Wash., Feb. 5, 2013 /PRNewswire/ -- Today on international Safer Internet Day, Microsoft Corp. released the results of its second annual Microsoft Computing Safety Index (MCSI), revealing that more than half (55

percent) of global respondents are experiencing multiple online risks, yet only

16 percent say they take multiple proactive steps to help protect themselves and their data. This year the MCSI also examined mobile safety behaviors, uncovering that although less than half of respondents (42 percent) run software updates on their personal computers, only 28% run regular updates on their mobile devices, potentially compounding their risk.

(Photo: http://photos.prnewswire.com/prnh/20130205/SF54257-INFO)

(Logo: http://photos.prnewswire.com/prnh/20000822/MSFTLOGO)

"Mobile devices often have just as much, if not more, valuable personal information stored on them as a home computer, making mobile devices equally attractive to data-stealing criminals," said Jacqueline Beauchere, Microsoft's incoming chief online safety officer. "The latest MCSI results demonstrate that no matter where or how people access the Internet, exercising safer online habits is essential. There are steps that people can take and technologies that they can employ to help prevent them from becoming a victim."

The MCSI surveyed more than 10,000 PC, smartphone and tablet users in 20 countries and regions about their personal approach to online safety and assigned a point scale of 0 to 100 based on their answers. The global average score was 34 for PC online safety and 40 for mobile. An abbreviated version of the MCSI is available at Microsoft Computing Safety Index Survey for people to check how savvy they are when it comes to online safety.

Other key worldwide findings from the MCSI include the following:

-- Theft of password or account information was cited as a concern for 47

% of respondents, with 33% saying they use secure websites

and 28% saying they avoid using open Wi-Fi spots on their mobile

devices.

-- Forty-eight percent of respondents said they worry about computer

viruses, with fewer than half (44 percent) turning and leaving on

firewalls, and just more than half (53 percent) installing antivirus

software on their PCs.

-- Forty-five percent of those surveyed said they worry about having their

identity stolen, yet only 34% have a PIN (personal identification

number) to unlock their mobile device, and just 38% say they

educate themselves about the latest steps to help prevent identity

theft.

Microsoft offers a range of online safety tools and resources at http://www.Microsoft.com/security, including the following practical steps consumers can take to stay safer online:

-- Lock your computer and accounts with strong passwords and your mobile

phone with a unique, four-digit PIN.

-- Do not pay bills, bank, shop or conduct other sensitive business on a

public computer, or on your laptop or mobile phone over "borrowed" or

public Wi-Fi (such as a hotspot).

-- Watch for snoops. People scouting for passwords, PINs, user names or

other such data may be watching your fingers or the screen as you enter

that data.

-- Treat suspicious messages cautiously. Avoid offers too good to be true

and be wary of their senders, even if the messages appear to come from a

trusted source.

-- Look for signs that a Web page is secure and legitimate. Before you

enter sensitive data, check for evidence of encryption (e.g., a Web

address with "https" and a closed padlock beside it or in the lower

right corner of the window).

-- Reduce spam in your inbox. Share your primary email address and instant

messaging name only with people you know or with reputable

organizations. Avoid listing them on your social network page, in

Internet directories (such as white pages) or on job-posting sites.

Countries surveyed in the MCSI were Australia, Belgium, Brazil, Canada, China, Egypt, France, Germany, India, Indonesia, Japan, Malaysia, Mexico, Russia, Singapore, Spain, South Korea, Turkey, the U.K. and the U.S.

Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7830
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse cap...

CVE-2014-7831
Published: 2014-11-24
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.

CVE-2014-7832
Published: 2014-11-24
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by vi...

CVE-2014-7833
Published: 2014-11-24
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.

CVE-2014-7834
Published: 2014-11-24
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?