Jump to content

Gartner Says Consumers Are Unwilling to Sacrifice Convenience for Security, Despite Widespread Online Fraud


turetzsr

Recommended Posts

http://www.gartner.com/it/page.jsp?id=895012

Highlights:

Although consumers claim to be concerned about security, they have little tolerance for sacrificing convenience to safeguard that security, according to Gartner Inc. Despite widespread security concerns, consumers continue to rely on service providers to protect their safety and persist in using unsafe password management practices, preferring to maintain the status quo rather than exploring new security methods.

Link to comment
Share on other sites

One of the suggestions was a program to manage passwords. I am with the 4000 interviewees in not wanting to deal with another program plus the fear that hackers would start hacking it. petzl recommends a password locker (or something like that) and even that scares me that someone would try to hack it. I don't even let the browser store them for me - which any of those 4000 who didn't use the same two, probably do.

Security is an arms race between the good and evil techies. Those of us who are technically non-fluent are suspicious of the security of any techie-developed program since the evil techie can find a loop hole - and we would not know the difference until it was too late.

Like offline travelers who only stop at chain restaurants, we probably only go to the websites that are known to us and lose a lot of the Internet experience. And, probably a large proportion of us will click on anything 'free' that shows up there. Not me. I am too paranoid. I won't even look at the news or take the quizzes at msn or yahoo, much less click on an ad! And we probably put too much reliance on our virus, spam programs and firewalls to detect anything strange.

Although I don't use the same password every time, it is already a hassle to keep up with them. But then so are locks and keys. I loved it when I lived in an area where you could leave your keys in your car! And there were no 'bad' neighborhoods to avoid. But, of course, the tradeoff was that you always had to be careful of bears.

Miss Betsy

Link to comment
Share on other sites

I loved it when I lived in an area where you could leave your keys in your car! And there were no 'bad' neighborhoods to avoid. But, of course, the tradeoff was that you always had to be careful of bears.

Or the bears learning to drive :)

Link to comment
Share on other sites

Yes all the different account names and passwords are a pain. My daughter thinks I'm crazy for keeping my encrypted file of passwords on a memory stick.

and lose a lot of the Internet experience.

Yes we do miss the experience of having our computer violated. Well I don't "miss" it much!

Link to comment
Share on other sites

<snip>

Although I don't use the same password every time, it is already a hassle to keep up with them. But then so are locks and keys. I loved it when I lived in an area where you could leave your keys in your car!

<snip>

...To extend that analogy (to the breaking point, I'll admit :) <g>), I don't need one key to drive my car down my street, then another to turn onto the next street, yet another for the main street, etc. Why should I need a different password for every one of the thirty secure web sites I visit with my browser? Or one for each of the ten different secure intranet applications my employer requires me to use? Sheesh!
Link to comment
Share on other sites

Why should I need a different password for every one of the thirty secure web sites I visit with my browser? Or one for each of the ten different secure intranet applications my employer requires me to use? Sheesh!

Easy answer .. it only takes one of those spots to get compromised. Flip side is that I use different passwords everywhere, which I agree does tend to drive me a bit crazy. Which server am I trying to touch, which Admin account on which server, which application am I trying to hit (and is it as a user or Admin?), even crazier when there's not much difference on the screen to remind me which server I might actually be working on once I'm 'in' an application ..... for example, using an SSH shell to work with MySQL, I might be talking to any of something like 20 different servers, from my own local systems, the various SpamCop/CES servers I get to play with, the web-sites I deal with for other folks, etc. That MySQL prompt looks exactly the same on this side of the screen <g>

Link to comment
Share on other sites

To laugh or cry ...???? found this in some commentary on a totally unrelated subject ...

2 uppercase, 2 lowercase, 2 numbers, 2 special characters, at least 14 characters, no dictionary words, names, socials, or phone numbers......user password resets daily.

Welcome to my world.

Topped only by the funny (?) scenario offered as;

I was working as Information Security Officer for the Veterans Administration. One of my duties was to brief new people on how to create secure passwords. I was explaining the need for two upper case, two lower case, two control characters and two numbers in password creation. He looked at me with a blank stare and asked what I ment by upper and lower case letters.
Link to comment
Share on other sites

Please enlighten us. I've yet to find a security product or procedure which did not make things harder to use.

- Use strong passwords.

- Use hard to exploit browsers, like Firefox and Opera.

- Use your browser's "Certificate Verification" option.

- Browse with the Java engine off, unless you specifically need it.

- Don't browse https in tabs.

- Set your mail reader to "Text Only". Only turn on HTML is absolutely needed from trusted and verified senders.

- Keep your software updated, especially your OS.

- If you use a Windows based OS, virus scan daily and use an online Java based scan weekly, as those aren't affected by a possibly compromised antivirus.

- Use a good antivirus: Avast! and AVG are recommended. Most nasties are designed to disable Symantec products on deployment.

- Cracked software and keygens are asking for trouble... most have trojans.

- Accept the fact that scammers are always 10 steps ahead. Consider all parts of the net to be a "back alley" in a city and guard yourself appropriately.

Hope that helps :)

Cheers!

Link to comment
Share on other sites

- Use strong passwords.-inconvenient

- Use hard to exploit browsers, like Firefox and Opera.

- Use your browser's "Certificate Verification" option.-inconvenient

- Browse with the Java engine off, unless you specifically need it.-inconvenient

- Don't browse https in tabs.-inconvenient

- Set your mail reader to "Text Only". Only turn on HTML is absolutely needed from trusted and verified senders.-inconvenient

- Keep your software updated, especially your OS.-inconvenient

- If you use a Windows based OS, virus scan daily and use an online Java based scan weekly, as those aren't affected by a possibly compromised antivirus.-inconvenient

- Use a good antivirus: Avast! and AVG are recommended. Most nasties are designed to disable Symantec products on deployment.

- Cracked software and keygens are asking for trouble... most have trojans.

- Accept the fact that scammers are always 10 steps ahead. Consider all parts of the net to be a "back alley" in a city and guard yourself appropriately.

I'm not saying that I don't do these things, but most users have trouble doing the simplest things. I have asked my mother many times not to forward the "Warning..." emails to everyone she knows without checking snopes or asking me, yet she still forwards 2 or 3 a week.

Of course, their unwillingness to do these things keeps me busy and making a little side money :)

Link to comment
Share on other sites

Hi Steven,

I hear what your saying. It's frustrating and I have dropped a lot of clients for not following security precautions (mom and wife I can't though ;) ) to save my sanity. The local computer shop hates me for receiving my "rejects", LOL!

All the more proof people should have a "license" for internet access, but my local M.P. won't introduce even bring the thought of it to parliament *sigh*

Cheers,

Gregg

PS: Thanks Miss Betsy, I forgot that one - Clear Cache daily. I have FF and O do this automatically, so I forgot to mention it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...