Endpoint
2/7/2013
08:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Microsoft Computing Safety Index Shows Consumers Do Little To Change Online Habits Despite Multiple Risks

Global index shows need for more diligence in protecting personal information at home and on mobile devices.

REDMOND, Wash., Feb. 5, 2013 /PRNewswire/ -- Today on international Safer Internet Day, Microsoft Corp. released the results of its second annual Microsoft Computing Safety Index (MCSI), revealing that more than half (55

percent) of global respondents are experiencing multiple online risks, yet only

16 percent say they take multiple proactive steps to help protect themselves and their data. This year the MCSI also examined mobile safety behaviors, uncovering that although less than half of respondents (42 percent) run software updates on their personal computers, only 28% run regular updates on their mobile devices, potentially compounding their risk.

(Photo: http://photos.prnewswire.com/prnh/20130205/SF54257-INFO)

(Logo: http://photos.prnewswire.com/prnh/20000822/MSFTLOGO)

"Mobile devices often have just as much, if not more, valuable personal information stored on them as a home computer, making mobile devices equally attractive to data-stealing criminals," said Jacqueline Beauchere, Microsoft's incoming chief online safety officer. "The latest MCSI results demonstrate that no matter where or how people access the Internet, exercising safer online habits is essential. There are steps that people can take and technologies that they can employ to help prevent them from becoming a victim."

The MCSI surveyed more than 10,000 PC, smartphone and tablet users in 20 countries and regions about their personal approach to online safety and assigned a point scale of 0 to 100 based on their answers. The global average score was 34 for PC online safety and 40 for mobile. An abbreviated version of the MCSI is available at Microsoft Computing Safety Index Survey for people to check how savvy they are when it comes to online safety.

Other key worldwide findings from the MCSI include the following:

-- Theft of password or account information was cited as a concern for 47

% of respondents, with 33% saying they use secure websites

and 28% saying they avoid using open Wi-Fi spots on their mobile

devices.

-- Forty-eight percent of respondents said they worry about computer

viruses, with fewer than half (44 percent) turning and leaving on

firewalls, and just more than half (53 percent) installing antivirus

software on their PCs.

-- Forty-five percent of those surveyed said they worry about having their

identity stolen, yet only 34% have a PIN (personal identification

number) to unlock their mobile device, and just 38% say they

educate themselves about the latest steps to help prevent identity

theft.

Microsoft offers a range of online safety tools and resources at http://www.Microsoft.com/security, including the following practical steps consumers can take to stay safer online:

-- Lock your computer and accounts with strong passwords and your mobile

phone with a unique, four-digit PIN.

-- Do not pay bills, bank, shop or conduct other sensitive business on a

public computer, or on your laptop or mobile phone over "borrowed" or

public Wi-Fi (such as a hotspot).

-- Watch for snoops. People scouting for passwords, PINs, user names or

other such data may be watching your fingers or the screen as you enter

that data.

-- Treat suspicious messages cautiously. Avoid offers too good to be true

and be wary of their senders, even if the messages appear to come from a

trusted source.

-- Look for signs that a Web page is secure and legitimate. Before you

enter sensitive data, check for evidence of encryption (e.g., a Web

address with "https" and a closed padlock beside it or in the lower

right corner of the window).

-- Reduce spam in your inbox. Share your primary email address and instant

messaging name only with people you know or with reputable

organizations. Avoid listing them on your social network page, in

Internet directories (such as white pages) or on job-posting sites.

Countries surveyed in the MCSI were Australia, Belgium, Brazil, Canada, China, Egypt, France, Germany, India, Indonesia, Japan, Malaysia, Mexico, Russia, Singapore, Spain, South Korea, Turkey, the U.K. and the U.S.

Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5312
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2012-6662
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.

CVE-2014-1424
Published: 2014-11-24
apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."

CVE-2014-7817
Published: 2014-11-24
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".

CVE-2014-7821
Published: 2014-11-24
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?