NCSA: Confidence in security of connected devices often misplaced

Despite professing high trust that their personal data is secure, too many Americans of all ages are failing to follow basic cyber hygiene practices, says the National Cyber Security Alliance.
By Mike Miliard
12:45 PM
Connected Health Device

The National Cyber Security Alliance recently took a closer look at how consumers in different age groups protect their own data – or don't – when using mobile devices. The poll found different attitudes across the spectrum, but generally found that consumers of all ages need to pay closer attention to how they manage connected health and other tools.

WHY IT MATTERS
By surveying 500 Americans aged 18-34, and 500 aged 50-75, NCSA sought to get a better idea about various thoughts and actions around data privacy and connected device security.

According to NCSA's study, 77% of consumers ages 50-75 feel moderately to highly confident that the connected devices they own are sufficiently secure. A similar number (81%) in the 18-34 age group feel the same way.

Learn on-demand, earn credit, find products and solutions. Get Started >>

When it came to cyber hygiene practices, on the other hand, there was a divergence in the two groups' approach, but plenty of suboptimal security habits to go around.

For instance, more than one in three of respondents over age 50 "rarely or never check for software updates" on their devices, according to NCSA. And more than half (54%) of consumers aged 18-34 "frequently connect devices to unprotected WiFi networks" to access sensitive identifiable information.

Among that younger age group meanwhile, half say they never or only sometimes deactivate unnecessary features such as location tracking, and 44% "always [accept] push notifications from apps, such as requests to access location or contact data."

Contrast that with caution shown by users ages 50-75, who tend to be more apprehensive about personally identifiable information on connected devices.

Somewhat hearteningly, NCSA found that 42% of respondents in the 50-75 cohort never use public WiFi with their connected devices to access sensitive data, and 68% say they only download apps from trusted sources. Only a quarter, meanwhile (23%) say they are "very comfortable" using the cloud for data backup.

"Older respondents are more calculated when it comes to taking risks associated with using connected devices, choosing to stay away from public WiFi when accessing sensitive personal information, downloading apps solely from trusted sources, and largely shying away from cloud storage solutions," explained Kelvin Coleman, executive director of NCSA. "Given how well documented threats stemming from these practices have become, the decision to avoid these behaviors are sensible."

THE LARGER TREND
Adoption of connected health devices is on the uptick, of course, even if many consumers remain underinformed or misinformed about the potential privacy risks and security vulnerabilities.

One survey two years ago, for instance, found data protection weakness across more than 3,000 apps, some putting protected health information at risk.

ON THE RECORD
"There's a disconnect between how secure consumers think their connected devices are and the security hygiene behaviors we've tracked," said Coleman. "Although the majority of respondents understand very basic data protection measures, like the importance of multifactor authentication and updating default password settings on new devices, there's still a lot of work to do in building awareness to narrow the vulnerability gap among all users."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Healthcare IT News is a HIMSS publication.

More regional news

A person looks into a vaccine refrigerator

(Photo by Ivan Romano/Getty Images)

By
SUNY Upstate Medical University Cancer Center

SUNY Upstate Medical University Cancer Center

By
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.