“...no one can hack my mind”: Comparing Expert and Non-Expert Security Practices”
The paper discusses the results of two surveys: One involving 231 security experts, and another with 294 web-users who are not security experts. Both groups were surveyed about what they do to stay safe online. The intent was to compare responses from the two groups in order to better understand any differences in professional’s and casual user’s approaches to security.
Here are the top 5 practices by group:
1. Install Software Updates
1. Use Antivirus Software
2. Use Unique Passwords
2. Use Strong Passwords
3. Use Two-Factor Authentication
3. Change Passwords Frequently
4. Use Strong Passwords
4. Only Visit Known Websites
5. Use a Password Manager
5. Don’t Share Personal Information
35% of experts and only 2% of non-experts said installing software updates was one of their top security practices. Experts recognize the benefits of updates. “Patch, patch, patch,” said one. Non-experts do not seem to understand the benefits of software updates or how they work and are also concerned about the potential risks: “Automatic software updates are not safe in my opinion, since it can be abused to update malicious content.”
42% of non-experts vs. only 7% of experts said that running antivirus software was one of the top three things they do to stay safe online. Experts acknowledged the benefits of antivirus software, but expressed concern that it might give users a false sense of security since it’s not a bulletproof solution.
My own “Top 5” would be:
1. Install automatic updates verified by the publisher (especially for the operating system).
2. Use antivirus software.
3. Use strong passwords.
4. Only visit secure or known websites.
5. Use only a secure “WiFi” connection or a “VPN.”
And don't forget to back everything up!
You can read the entire paper here: