|
|
|
Overview
|
|
Around the year 2000, 28 Miami University
students and 26 employees in American Electric
Power’s Rate, Research and Design department
took part in a survey designed to ascertain
current levels of internet security.
What factor does age or frequency of
use play in internet security?
Which online transactions are people
less comfortable with?
How aware are people of recent
hacking events and what effects does it have
on their overall security?
.
|
|
Survey Says...
|
|
When interpreting the results of this survey,
we looked for significant effects linking
internet security to age, frequency of use,
and recent hacking events.
The online transactions used were
online banking, e-commerce, giving out
personal information to join organizations,
dispensing personal information to others met
in chats, giving out email address, making
travel arrangements, e-trade, and downloading
programs and files to a personal computer. To
gather a general feel for overall internet
security, we combined the various online
activities and then compared the various
factors. The different transactions were also looked at individually
and the factors considered.
Key
for Charts
·
a = Adults
·
s = Students
·
f = Frequent Users
·
o = Occasional Users
·
s = Seldom Users
·
y = Yes - aware of hacking events
·
n = No – aware of hacking events
What are the
differences in internet security between the
students and the adults?
These
findings are somewhat surprising in their
evenness – one might assume the students would
be more nonchalant in their approach and the
adults more cautious.
However, adults and students are both
frequent computer users and display the same
degree of security when performing online
transactions overall.
When we broke it down into the
individual online activities, students
reported feeling much more secure about
downloading programs and files onto their
personal computers, F(1,52)=4.597,p=.037.
The only other
individual category that deviated from the
average concerned sharing email address;
adults are slightly less comfortable
dispensing this information than students are,
but the results only approach significant
numbers, F(1,52)=3.917,p=.053.
Adults possess much more awareness of
recent hacking events compared to students
(hey, we don’t have time to read the
newspaper!), x2(1)=5.405,p=.02.
Do frequent users
display any noticeable trend towards higher
levels of internet security?
Contradictory to our
predictions, there was no significant increase
in users’ security proportional to their
frequency of use.
While most of those surveyed reported
frequent computer use, people using the
internet occasionally or even seldom showed
equal comfort levels overall.
The one significant result deals with
e-commerce (purchasing goods online, giving
credit card numbers).
More frequent computer users are
mostly comfortable with shopping online.
Other individual online
activities showed no considerable change between
users. Also,
knowledge of recent hacking events displayed no
effect among users of different frequencies.
So
of those polled who reported awareness of recent
hacking events, did this knowledge affect their
level of internet security??
Actually, there was no
evident connection between knowledge of
hackers and levels of comfort pertaining to
online transactions.
We had predicted that people who were
more knowledgeable about recent hacking events
would either be more cautious (since they know
the possibilities) or more secure (because
they understand how to protect themselves). Neither
was apparent, however, and security levels
remained constant.
Overall,
were there certain activities that people seemed
more cautious about performing over the
Internet??
The only individual area that showed
a significant degree of overall caution was
dispensing information to others met in chat
rooms (not an astounding result), t(52)=13.474,p<.001.
.
|
|
On a final note, survey says that...
|
|
The last question on the survey was an
open-ended one:
If you are aware of recent hacking events,
how has this affected how secure you feel??
Here are some comments people had to
offer. As
you can see, there are many parallels between
what the students and the adults had to say. This
is very representative of our survey results,
which found little difference between age groups
concerning Internet security.
Students
“Some
of these events have confirmed my fears, but
overall, I continue my normal (cautious)
activities online.”
“I am
uneasy overall – I keep my personal
info…personal.”
“I
always check out security information before
giving any credit card numbers, but I normally
take the idealistic approach and think it
won’t happen to me.”
“If
you research the site you are disclosing info
on, you can find info supporting how safe it
is to download or disclose info.”
“I
don’t have the lots of money and power they’d
be after.”
“Doesn’t
bother me at all, most of these hacks are a
joke or for fun.”
Adults
“It
has confirmed my skepticism about putting out
certain personal information over the
internet.
I’ll continue to wait and give more
security opportunity to take hold.”
“Added
a firewall program on our home PC – didn’t
change what I do online.”
“I
always look for the security information and
reconcile credit card statements to insure
that no fraudulent charges have been billed to
me. I
never visit chat rooms.
Cyber-stalking is also a real concern
of mine.”
“I
have no control over it and must rely on
companies’ security procedures.”
“Just
hope it doesn’t negatively impact me.”
“I
have to go with what’s going on in the world
and keep up with the times.”
“If I
wasn’t uneasy enough before, this has just
secured my fears.”
“Most
hacking is against organizations, businesses,
government, etc., not individuals.”
Bottom Line
Concern
raised, but definitely not deterred from use.
.
|
|
E-Commerce: Article Review
|
|
A
look at some particular views on e-commerce –-
a Canadian perspective and from the
point-of-view of the credit card companies and
financial institutions.
Reference:
Friedman, Matthew.
‘Fear of hackers keeps businesses off
the Internet.’
Computing Canada.
Nov. 9, 1999.
Canadian
businesses are afraid of the Internet and
believe opening their businesses online is the
equivalent of sending a digital invitation to
the underground hacker elite to come steal all
their information.
They worry about things they don’t
really understand and buy security products
they may not even need because of the press,
the entertainment industry, and the
advertising of companies like IBM.
At least according to Andre Chartier,
a senior security consultant with the DMR
Group in Montreal.
He says, “There was such bad press
about hackers and Internet security that it is
not surprising that people are still afraid.” The
point is that Canadian businesses are so
surrounded by media influences that they fail
to realize the potential for business on the
Internet, and in truth, how secure it really
is. In
Chartier’s opinion, security is not a matter
of technology and protective software
(firewalls, etc.) but of human error and
procedure.
“It’s like sex, if you’re not careful
and you poke a hole in your condom, you may
not pick up a disease – but then again, there
is a chance you will.”
Basically, people just need to be
conscientious and careful – but not afraid. “Fear
isn’t the correct response.”
Movies like The Net, to TV
shows like The X-Files, and other
hacker lore promoted by such companies as Big
Blue promotes false images of the big, bad
hacker coming to take away all you data.
Reference:
Anonymous.
‘A hacker confirms fears of card
fraud.’
Credit Card Management.
Feb. 2000.
Despite
all the lingering fears over purchasing
merchandise online with credit card
information, this past holiday season saw the
steady rise of its popularity.
It appears electronic commerce has
been accepted as millions of Americans chose
to do their shopping sitting in front of their
computer screens.
eUniverse announced that one of its
subsidiaries, CD Universe, had been hacked and
customer data stolen.
These 25,000 numbers were then posted
on an Internet site by a hacker known as
Maxus. Worried
customers continue to shop online despite this
news when the company promises to improve its
security standards.
Reference:
Dernovsek, Darla.
‘Managing on-line risk.’
Credit Union Magazine.
Nov. 1999.
Credit
unions and other financial institutions are
among the top targets for online criminals
according to the experts.
Roger Nebel, vice president of HomeCom
Internet Security Services says, “Because
technology can’t keep up with the threat, you
have to have the process in place to continually
assess your risk.
Risk is the intersection of threat and
vulnerability.”
However, none of your risk management
matters if the customer is too frightened to use
the Internet services provided by these
financial institutions.
Hesitant members can find the faith in
a system bolstered by as little as a reassurance
that security issues are being assessed on a
regular basis.
They become much more receptive when
the there is less perceived threat.
“Credit unions need to realize that it
isn’t just technology, but that people and
processes are just as important,” Nebel says. This
means fostering attitudes, training workers, and
making security a priority.
Reference:
McCormick, Colleen.
‘Webbing the customer.’
Forbes. Sept. 1998.
‘The
Myths and Realities of Putting Customer
Service Online’
Putting customer
service online appears to be obvious – the
greater speed, accessibility, and flexibility
are readily apparent.
However, some issues need to be
looked at before this can become a reality. First
of all, employees must be trained in web
design that is easy for all to use.
Customers will not utilize a
confusing interface.
Security issues need to be resolved
so that people feel free dispensing the
necessary sensitive information without fear
of hackers.
. Back to Psybersite
|
|
This
project was produced for PSY 380, Social
Psychology of Cyberspace, Spring 2000, at
Miami
University. All graphics in these
pages are used with permission or under fair use
guidelines, are in the public domain, or
were created by the authors. Last
revised:
Comments and Questions to R. Sherman.
|
|
