Endpoint
2/7/2013
08:15 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Microsoft Computing Safety Index Shows Consumers Do Little To Change Online Habits Despite Multiple Risks

Global index shows need for more diligence in protecting personal information at home and on mobile devices.

REDMOND, Wash., Feb. 5, 2013 /PRNewswire/ -- Today on international Safer Internet Day, Microsoft Corp. released the results of its second annual Microsoft Computing Safety Index (MCSI), revealing that more than half (55

percent) of global respondents are experiencing multiple online risks, yet only

16 percent say they take multiple proactive steps to help protect themselves and their data. This year the MCSI also examined mobile safety behaviors, uncovering that although less than half of respondents (42 percent) run software updates on their personal computers, only 28% run regular updates on their mobile devices, potentially compounding their risk.

(Photo: http://photos.prnewswire.com/prnh/20130205/SF54257-INFO)

(Logo: http://photos.prnewswire.com/prnh/20000822/MSFTLOGO)

"Mobile devices often have just as much, if not more, valuable personal information stored on them as a home computer, making mobile devices equally attractive to data-stealing criminals," said Jacqueline Beauchere, Microsoft's incoming chief online safety officer. "The latest MCSI results demonstrate that no matter where or how people access the Internet, exercising safer online habits is essential. There are steps that people can take and technologies that they can employ to help prevent them from becoming a victim."

The MCSI surveyed more than 10,000 PC, smartphone and tablet users in 20 countries and regions about their personal approach to online safety and assigned a point scale of 0 to 100 based on their answers. The global average score was 34 for PC online safety and 40 for mobile. An abbreviated version of the MCSI is available at Microsoft Computing Safety Index Survey for people to check how savvy they are when it comes to online safety.

Other key worldwide findings from the MCSI include the following:

-- Theft of password or account information was cited as a concern for 47

% of respondents, with 33% saying they use secure websites

and 28% saying they avoid using open Wi-Fi spots on their mobile

devices.

-- Forty-eight percent of respondents said they worry about computer

viruses, with fewer than half (44 percent) turning and leaving on

firewalls, and just more than half (53 percent) installing antivirus

software on their PCs.

-- Forty-five percent of those surveyed said they worry about having their

identity stolen, yet only 34% have a PIN (personal identification

number) to unlock their mobile device, and just 38% say they

educate themselves about the latest steps to help prevent identity

theft.

Microsoft offers a range of online safety tools and resources at http://www.Microsoft.com/security, including the following practical steps consumers can take to stay safer online:

-- Lock your computer and accounts with strong passwords and your mobile

phone with a unique, four-digit PIN.

-- Do not pay bills, bank, shop or conduct other sensitive business on a

public computer, or on your laptop or mobile phone over "borrowed" or

public Wi-Fi (such as a hotspot).

-- Watch for snoops. People scouting for passwords, PINs, user names or

other such data may be watching your fingers or the screen as you enter

that data.

-- Treat suspicious messages cautiously. Avoid offers too good to be true

and be wary of their senders, even if the messages appear to come from a

trusted source.

-- Look for signs that a Web page is secure and legitimate. Before you

enter sensitive data, check for evidence of encryption (e.g., a Web

address with "https" and a closed padlock beside it or in the lower

right corner of the window).

-- Reduce spam in your inbox. Share your primary email address and instant

messaging name only with people you know or with reputable

organizations. Avoid listing them on your social network page, in

Internet directories (such as white pages) or on job-posting sites.

Countries surveyed in the MCSI were Australia, Belgium, Brazil, Canada, China, Egypt, France, Germany, India, Indonesia, Japan, Malaysia, Mexico, Russia, Singapore, Spain, South Korea, Turkey, the U.K. and the U.S.

Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web