19 January 2012

There is a huge gap between people’s perceptions of their security risk as a home PC user and the reality, according to a recent survey by BCS, The Chartered Institute for IT.  

In the survey that encouraged people to assess their level of risk, only 17% of respondents made the correct assessment, while a staggering 80% of respondents underestimated their risk, believing themselves to be in the low-medium risk band when in fact they were high risk.

The survey, based on the latest BCS book “The Essential Guide to Home Computer Security”, asked respondents to answer 6 questions to determine their online security risk while using a home computer. The final question asked people to assess their own risk as low, medium or high, before submitting their answers to find out their actual risk.

Rob Rowlingson, author of the book explains: “The results were really surprising when you consider how people are using their PCs. For example, over 90% of respondents said they did either e-banking and/or online shopping and over 80% said they had wi-fi, network or remote access for their PC.

“A risk assessment is the cornerstone of good security. The higher the risk, the more security that is required. These results suggest that many home users don’t necessarily understand the risks  and may not be doing enough to avert them. In reality, there are some  simple steps that we can all take to greatly reduce risks when using a home PC.”

Top tips for security include:

• install, utilise and keep anti-virus software up to date
• utilise your security package’s firewall, and other security tools
• create, use, and keep confidential, strong passwords.
• never choose a password using common names, the names of family members or famous people. Don’t use a word from the dictionary. Use different types of characters: upper and lower case, letters, symbols and numbers
• don’t store passwords in your web browser and clear the browser's cache and history
• make sure your wi-fi connection is encrypted with WPA and that you have changed any default passwords on your wireless router
• set up users with ‘standard’ user accounts and limit the use of administrator accounts - so that users, or imposters, cannot gain complete control of your PC
• back-up files you don’t want to lose if you experience a security breach or your PC fails
• lock PCs, smartphones and tablets with a PIN number, password or any other security feature that the device supports.

For parents with children using PCs there are some further advice tips. Rob suggests: “It is worth taking the time to go through rules with your children and check they understand them and agree to abide by them. In essence the dangers are very similar to those that children are warned about outside of the internet, and the actions to be taken are just common sense.”

The following advice follows the SMART rule for children from the Internet Watch Foundation.

• Secret - Keep your personal details Secret never give away your name, address or passwords: it’s like giving away the keys to your home.
• Meet - Never Meet someone you have contacted in cyberspace without your parents’ / carers’ permission, and only when they can be present.
• Accept - Don’t Accept emails, open attachments or download files from people or organisations you don’t really know or trust. They may contain viruses or nasty messages.
• Remember that someone you meet online may not be who they say they are. If you feel worried or uncomfortable in a chat room simply get out of there.
• Tell your parent or carer if someone or something in cyberspace makes you feel uncomfortable or worried.

Rob concludes: “One important thing about keeping yourself secure online is to remain aware. No one can be complacent - maintaining good security is an ongoing process. The security environment evolves continually and the risks change, there’s always a new scam around the corner that someone is willing to try. However, by taking simple steps everyone can manage their risk and enjoy the benefits of being online.”

For more information on the book, please visit: www.bcs.org/books/computersecurity

Contact the Press Office