Académique Documents
Professionnel Documents
Culture Documents
STUDY METHODOLOGY
Online panel
REMOTE AUDITING
iScan
n = 3,655 (3rd quarter 2011) n= 60,154 (from Dec 2006) 17 data collections
6,383 computers (3rd Quarter 2011) 195,151 computers (from Dec 2006) 56 data collections
Technical information
Sample Population Spanish Internet users aged over 15 with frequent access to the Internet from home Sample 3,655 users surveyed 6,383 remote analyses Sample distribution Multistage sampling stratified by Autonomous Region and size quotas by household, age, gender, work activity and home size Information collection Online interviews. Online analysis of computers Fieldwork September to December 2011 Sampling error In accordance with the criteria of simple random sampling for dichotomous variables where p=q=0.5 and for a confidence level of 95.5%, a sampling error of n=3,655 is 1.62% is established.
Contents
Main results
Study on information security and e-trust in Spanish households
Annual report 2011 (17th wave)
Security measures Secure behaviour habits Security measures and incidents in homes with children Security incidents User reaction and the consequences of security incidents E-trust in Spanish households Final conclusions
http://observatorio.inteco.es
4
Main results
Security measures
Extended use of automated security solutions. Antivirus and firewalls, the most popular tools (91.6% and 76.7%, respectively). Average takeup of non-automated security measures. Notable use of passwords and deleting temporary files and cookies (78.5% and 74.5% respectively).
Main results
Security incidents
Receiving spam is still the most common incident (68%). In total, 45.2% of computers scanned contain malware, but only 20.5% of those surveyed report malware-related incidents in the last 3 months. The most common types of malware are still those which can make money for the attackers, especially trojans. High level of fragmentation in detected malware; 81% of malicious files have only been detected once.
Main results
User reaction and the consequences of security incidents
Both data loss and system reformatting or reinstalling still affect a minority, at around 10%. Users consider themselves capable of resolving security incidents by themselves (41.5%) or with expert guidance (16.3%). Four out of ten users do not change their habits after suffering security incidents. Fewer than 10% abandon online services and use after security problems.
94,4%
91,6% 78,5%
0% Dic/Ene 07 Antivirus programmes Firewalls Pop-up window blocking systems Anti-spyware programmes Parental control programmes Antivirus updates Anti-spam systems Security plugins for browsers Anti-ad systems
Sept/Dic11
100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0%
6,9% Dic/Ene 07 Passwords Backup copies Keeping informated on computer security User profile with restricted permissions Use of electronic DNI (National Identity Document) Removing temporary files and cookies Copy of system recovery disc Specific hard disc partition Other digital certificates Document encryption Sept/Dic11 27,3% 18,6% 55,2% 44,9% 28,5% 50,4% 35,2% 22,5% 21,7% 78,5% 74,5% 58,9% 51,3% 50,4% 40,4% 37,3% 28,9% 22,9% 17,5%
Security measures
Reasons for not using automatic security measures (%)
Reasons Performance Do not need Do not trust Ineffective Not aware Households that do not currently use them
Antivirus programmes Antivirus updates Firewalls Operating system updates Anti-spam programmes or settings Pop-up blocking programmes or settings Security plugins for browsers Anti-spyware programmes Ad-blocking programmes or settings Content filtering programmes or settings
8.4% 21.5% 23.3% 24.4% 29.4% 35.0% 46.2% 49.0% 53.3% 68.7%
2.5 10.7 29.3 17.2 25.1 26.4 33.1 30.8 30.9 16.7
38.6 28.9 23.8 25.7 29.2 28.3 29.6 27.0 30.4 46.2
17.9 18.6 8.5 13.3 9.0 8.3 5.8 11.0 7.4 5.3
Price
Measures
18.3 13.3 20.9 13.9 12.1 15.6 14.6 11.1 12.0 8.7
3.6 5.2 4.0 7.4 6.3 5.9 3.5 6.3 4.4 5.9
5.3 5.8 2.7 6.0 5.8 4.3 3.2 4.1 3.5 3.5
13.8 17.5 10.8 16.5 12.5 11.2 10.2 9.8 11.5 13.6
10
Others
Security measures
Reasons for not using non-automatic security measures (%)
Reasons Do not need Do not trust Ineffective Not aware Others 12.5 27.3 29.6 27.2 27.7 19.9 12.5 19.5 30.2 14.9
11
Passwords (computers and documents) Removing temporary files and cookies Back-up copies of files Making copies of system recovery discs Searching for computer security information Hard disk partitioning Regular use with restricted permissions Electronic signature digital certificates Electronic ID Document or data encryption
21.5% 25.5% 41.1% 48.7% 49.6% 59.6% 62.7% 71.1% 77.1% 82.5%
3.6 19.2 15.2 19.5 16.1 24.3 17.3 18.9 7.0 24.7
64.1 33.9 41.0 38.9 37.0 41.0 53.1 45.8 45.8 47.1
5.7 7.9 5.6 4.3 5.2 3.0 2.5 3.8 4.7 3.0
Price
Measures
8.9 6.9 4.7 5.7 6.3 7.1 9.1 2.7 2.8 5.0
Performance
2.1 2.5 2.9 2.6 5.4 2.8 3.4 7.1 8.2 4.1
3.2 2.2 1.1 1.8 2.4 1.8 2.1 2.0 1.3 1.1
I check all the files I download I always download and open files attached to emails (disagree) I never give confidential information in chats or instant messaging When making transactions I check I'm using a secure connection I always type in the URL of my bank or online shop I use the antivirus to check all files downloaded on P2P networks My profile/information can be seen by any user of the social network 0% 2009 16,5% 8,6% 20% 40% 2011 60% 55,6%
80%
100%
12
I am concerned by news in the media about the safety of children I track their online friends in the same way I do their real life friends I warn my child of the problems of giving out their own or others' personal information I have asked them to tell me about any behaviour or contact which seems inappropriate or suspicious I have created a limited user account for the child's Internet access I supervise the content they access after each session (browser history) 0% 2009 20% 40% 2011 39,4% 41,7% 58,4% 72,2% 60% 80%
100%
13
13,2%
8,5%
7,1%
6,9%
6,5%
5,1% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%
14
Security incidents
Evolution of computers containing malware, perception compared to detection
100% 90% 80% 70% 60% 51,1% 50% 40% 30% 20% 10% 0% Dec 10 Jan 11 Feb 11 Mar 11 Apr 11 May 11 Jun 11 Jul 11 27,3% 22,2% 43,7% 48,9% 47,2% 48,5% 44,2% 44,4% 46,1% 45,8% 48,0% 47,8% 46,4%
iScan
45,2%
27,3%
Perception
15
100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Jan 07
iScan
Jun 07
Dec 07
Jun 08
Dec 08
Jun 09
Dec 09
Jun 10
Dec 10
Jun 11
Dec 11
16
Security incidents
6.000 5.000 4.000 3.000 2.000 1572 1.000 0
Jan 11 Feb 11 Mar 11 Apr 11 May 11 Jun 11 Jul 11 Aug 11 Sep 11 Oct 11 Nov 11 Dec 11
Security incidents
4924 4162 3786
iScan
3329 2744 2397 2149 1892 1422 1495 1126 1054 942 1987 2391 2287 1910 1712 1633 1869 2247 2630 2295
1871
iScan
1000 800 600 400 200 0 1 detection 2 detections 3 detections 4 detections 5 detections 6 detections 6 detections
17
232 86 33 22 11 40
100% 90% 80% 70% 60% 50% 39,9% 40% 30% 20% 10% 0% Jan 11 Feb 11 No risk Mar 11 Apr 11 May 11 Jun 11 Jul 11 Aug 11 Sep 11 Oct 11 Nov 11 8,0% 1,0% 7,9% 1,0% 7,6% 0,8% 7,0% 0,6% 8,8% 0,6% 8,6% 2,4% 9,4% 2,4% 10,2% 2,2% 6,8% 2,4% 6,4% 2,6% 5,3% 2,2% 5,9% 2,2% 34,6% 38,8% 36,6% 39,0% 33,3% 34,2% 33,4% 38,6% 38,5% 38,7% 56,4% 51,2% 52,9% 55,9% 51,6% 55,7% 54,0% 54,3% 52,2% 52,4% 53,9%
iScan
54,9%
36,9%
Dec 11
Low risk
Medium risk
High risk
18
Change passwords Update security tools that are already installed Start making backup copies Change security tools Install a security tool for the first time Stop downloading files from P2P networks, Stop using unauthorised software Stop making online purchases Stop using online banking services Stop using Internet services (email, instant Others No change 0% 10% 20% 30% 15,0% 13,3% 9,8% 8,6% 6,8% 5,4% 4,7% 4,0% 2,7% 29,4%
34,6%
* Multiple response
19
11,0%
41,5% 31,1%
16,3% I can fix it myself I ask a relative or friend to fix it I can fix it with the help of an expert I take the computer in for technical service
20
7,7%
1,1% 8,3%
6,5%
1,5% 9,6%
38,6% 44,3%
39,9% 42,4%
May-Aug 11
A lot of trust Enough trust No trust at all
Sep-Dec'11
Quite a lot of trust Not much trust
21
11,4%
48,9%
39,8%
22
6,5%
50,0% 43,5%
23
Develop free security tools Supervise more closely what is happening on the Internet Legislative reform for new Internet offences Information and awareness raising campaigns on risks and prevention Greater co-ordination among the organisation involved in security problems Provide response/technical support to security problems on citizens' computers Supervise appropriate use of personal data on the Internet Provide training courses and workshops on Internet and security Others 0,2% 0% 10% 20% 9,7% 8,8% 7,2% 6,9% 5,2% 16,6% 15,3%
30,1%
30%
40%
24
Annual balance
Spanish users in general maintain a high level of trust in the Internet. More than 90% of those surveyed trust the Internet a lot or quite a lot. Even so, one in four users do not trust the Internet enough to make payments online, either through their credit or debit card or using services such as PayPal. In total, 85.2% of users think that incorrect use of software is the main cause of a lack of online security, and 74.7% blame a lack of caution in second place. Aware of existing risks, 78.6% of users check they are using a secure connection when connecting to the Internet. However, fewer than 30% of users have digital certificates for validating their procedures, and 23% use the electronic ID. While 45.2% of computers contain malware, only 20.5% of users say they have suffered this type of incident in the last quarter of 2011.
25
http://www.inteco.es http://observatorio.inteco.es