On your PC, you know to keep your firewall on at all times, to keep your antivirus and antispyware software updated and to run them, and to keep automatic updates on. On your mobile device, these basics are similar, such as running a mobile anti-virus, installing software updates immediately upon release, and using a PIN or password to lock your device. These are foundational basics and may seem like a "no brainer." If someone quizzed you on these online safety basics, then you should score a perfect 100.
However, according to the second annual Microsoft Computing Safety Index (MCSI), more than 10,000 PC, smartphone and tablet users in 20 countries managed to score only a 34 on global PC safety. The United States MCSI score was 36. Besides foundational basics, there were two other aspects to this online safety assessment, technical and behavioral. Microsoft said the "U.S. is among the most proactive countries-along with Australia, Brazil, Canada, Mexico, Singapore, and the United Kingdom-completing foundational, technical, and behavioral steps actively. The highest scores were seen in Singapore (42), Malaysia (40), Australia (39) and Canada (39), while consumers in France (29), Germany (29), Korea (27), and Japan (23) were not as proactive."
Overall, the global MCSI score indicates that "despite greater awareness of risks and increased focus on privacy, consumers have maintained the same online safety habits and still have room to improve their proactive, protective measures."
The MCSI global mobile safety score was slightly better, at 40. Like the PC online safety assessment, the mobile survey included three tiers of activity, foundational basics, as well as technical and behavioral. On mobile devices, the technical tools include turning off location tracking, selectively sharing information, reviewing social media location and privacy settings, not using open Wi-Fi connections for mobile, and downloading apps only from trusted sources. Behavioral safety to combat socially engineered risks include being social savvy and selective about who you text, what you text and to whom you give out your personal phone number, physically not leaving your mobile device where someone could compromise it, and avoid clicking on "dubious links or ads."
The U.S. scored 39 on the Microsoft Mobile Safety Index. The highest MMSI totals were Indonesia with 48.7, Mexico with 48.1, Brazil with 45.3, Turkey with 44.9, and Belgium with 44.6. Japan, Korea and Spain are the least vigilant about mobile device security. Not one country averaged a score of 50 on either PC or mobile online safety. We might be getting smarter about online safety, but if this had been a test with the perfect score of 100%, then basically we all failed the test.
"But if you look at it as glass is half full, then you know people are doing some good things," stated Microsoft's Director of Trustworthy Computing Jacqueline Beauchere. "We'd like to see them do more good things." Feb 5 was Safer Internet Day and Beauchere wrote about how to get safer online. Yet being safe online is a daily habit vs. one day of the year. As part of interviewing Beauchere, we talked about Safer Internet Day:
The data show that obviously there are proactive steps that need to be taken. What we are trying to do here is trying to change behavior and that just doesn't happen overnight. Sometimes people are like "Hey that's a link; I'm going to click it." You have to raise awareness of some of these risks, without scaring them, with changing their attitudes, changing their beliefs and eventually changing their behavior. It takes time. We've found that what really drives people to action unfortunately is something really bad happening to them. We don't want it to get to that point where something bad happens to them. We want them to take these proactive steps to help inoculate themselves now.
What is a little bit concerning about data in this index is that consumer concerns about the online risks that they are facing are a little bit contradictory to their actions when it comes to online safety. 55% say there are encountering these multiple risks, but what are they really doing on a proactive basis to get smart on these issues and take those necessary steps? Sure enough, it's only 16% that say they are taking the proactive steps needed to help protect themselves online.
Password or account information theft was cited as primary concern of people, over half of the respondents said that, but only a third of them said they use a secure website. It was a mere 28% that said they avoid using those open Wi-Fi hotspots on their mobile devices.
Have you secured your wireless? Do you know about identity theft, safeguarding online reputation or "safe" social network sharing? When you are out and about, do you watch for shoulder surfers who might be interested in learning your mobile device PIN or laptop password? Take passwords, for example, after so many sites have been hacked and the passwords dumped, it is still sadly common for people to reuse the same password over multiple sites. Or worse, use something like password as the password. Beauchere advised for people to "adopt strong passwords with multiple characters, letters, symbols, numbers, anything that in there that is easy for them to remember, but difficult for somebody else to guess."
While there are many fascinating aspects to the Microsoft Safer Internet Day online safety assessment scores, and I could throw the numbers from it at you all day, sometimes a picture makes it so much easier to digest. That is why I inserted parts of Microsoft's "Protect as you connect" infographic. You can see it in full here. We are constantly becoming more a of digital society, so please learn more about online safety and then follow through and take action to better protect yourself. Be a great digital citizen!
Curious about your MSCI score? Please take an abbreviated version of the quiz to see how well you do in comparison to your country.
Like this? Here's more posts:
- Interview with Microsoft's Director of Trustworthy Computing Jacqueline Beaucher
- Exploiting Universal Plug-n-Play protocol, insecure security cameras & network printers
- DARPA’s unblinking, all-seeing 1.8-gigapixel camera stare on PBS Rise of the Drones
- Testing The Privacy Company Mega: 50GB free storage, 2048-bit encrypted protection
- Bugged guesthouse: Eric Schmidt's daughter reveals North Korea trip details
- Data Privacy Day 2013: Microsoft releases privacy trends study and video series
- Oracle releases emergency Java patch; experts warn flaws may take 2 years to fix
- Open letter to Microsoft calls for Skype transparency reports
- 20 Seconds to jailbreak Windows RT
- Chinese hackers use compromised USA university computers to attack us
- Unpatched TRENDnet IP cameras still provide a real-time Peeping Tom paradise
Follow me on Twitter @PrivacyFanatic
Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. Smith has a diverse background in information technology, programming, web development, IT consulting, and information security. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.
Smith is an independent contractor and is not affiliated with any vendor that makes or sells information technology.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited