F5 Networks today released the results of a new study into the UK’s app centric society and consumer behaviours. As the abundance of apps in work and personal life dominates technology usage, the research reveals over a quarter of Brits (26%) do not check app security measures before downloading them, even though almost 30 per cent believe hackers are likely to use shopping apps like Amazon and eBay to target their devices.
Across the UK, 2,000 consumers were surveyed, revealing that, regardless of rising fears over cyber-criminal activity, individuals are still neglecting to take action to stay safe online. Only one in five (21%) check the security measures of every new app they download, whereas the type of application impacted whether it was worth checking. The least likely to be checked included news (19%), fitness (15%) and gaming apps (15%). Although apps holding financial information did not fare much better, with 12 per cent not checking banking apps and 10 per cent shopping apps for their security measures.
Indeed, some users were wary about certain applications collecting their data, particularly Facebook (48%), followed by eBay (20%), Amazon (19%) and WhatsApp (18%). Furthermore, when asked about which applications were believed to be high on the target list for hackers, 58 per cent were concerned about Facebook. According to data released by Apple, the most used app in 2016 was Snapchat, but only 7 per cent were concerned that hackers were targeting the platform and 9 per cent for Instagram, the fourth most used app last year.
Apps are the gateway to personal data
The information users were most concerned about being hacked proved similar to concerns over data collection. Although 83 per cent were concerned about financial data being hacked, only 23 per cent were worried about medical information. Users potentially saw less opportunity for hackers to access their medical information, though the continued ransomware attacks on hospitals and NHS Trusts in the past year tells another story. Much lower on the scale was the risk of work information and business details being hacked, as only 11 per cent stated this was a concern.
Gad Elkin, Security Director, EMEA at F5 Networks commented: “The growing concerns demonstrate that consumers are no longer in the dark about cyber security risks, but there is still more education needed – it’s not uncommon for a hacker to use work and business details to gain access to financial data or for hospitals to be targeted with a ransomware attack over confiscated medical information. The lines between work and personal lives have become blurred and we need more robust cyber security policies to reflect that.”
The rise of the app economy has paved the way for the plethora of the Internet of Things (IoT) and smart home technology. The commercial gain is moving almost too quickly for security to keep up. Which is reflected in the research. Almost two in five (39%) would refuse to purchase smart locks over hacker concerns. In addition, nearly a quarter (23%) would avoid buying voice activation systems and 21 per cent would not consider purchasing a smart car as a result.
Work-app balance
Application security in the workplace continues to be a pressing subject. Indeed, businesses are responding through their security policies as two thirds of those with access to computers (67%) say the IT team authenticates new downloads made on their devices, which further illustrates the challenges and risks with BYOD. However, consider the risks of one in three employees not having downloads authenticated and it paints a worrying picture. It’s perhaps surprising therefore that only 13 per cent are concerned about the lack of security controls in the workplace, but more so in manufacturing (29%) and IT/ Telecoms (22%).
Businesses have demonstrated mixed policies towards password security. Almost a quarter (23%) of respondents stated that it is not compulsory at work to change their password at all, highest amongst those in professional and business services (39%) and education (31%). Of those that enforce compulsory password changes, 42 per cent of respondents had to change theirs once a month, and 36 per cent once a quarter. Financial services and consulting was the sector with the strictest password changes, as almost two in five staff (37%) were required to change their password every month.
“The debate around password security policies continues to divide IT teams. The importance of changing passwords must be reiterated, but in particular the use of two-factor authentication systems to add an extra layer of security. Employees might not be concerned about workplace security, but businesses certainly should be,” warned Elkin. “Having visibility over network activity has and will remain a key factor in ensuring hackers are not able to gain entry into the network should they target an individual.”
