"We, as an industry, have to develop easy-to-use security that is as foolproof as possible,"
-- Steve Watts, SecurEnvoy
Commenting on results of a US survey that found almost half of consumers are failing to update their software regularly, SecurEnvoy says this highlights the fact that there are lot of consumers out there who don't know - and probably don't really care - how their computers work.
According to Steve Watts - co-founder of the tokenless two-factor authentication (2FA) specialist - there is a clear analogy here with the motor car - but unlike cars where there are a host of motoring associations that can assist in the event of an electrical or mechanical problem, there is no Automobile Association for computers.
"It's fascinating to learn that 25 per cent of adults don't clearly understand what software updates do - and given that PCs are now as mainstream as the car - should we really expect them to? The solution lies in developing security systems that are as transparent as possible to use, and ensuring those solutions are as easy to use as possible," he said.
"This isn't as curious as it sounds, as if we regard the PC as a terminal to the Internet - as it clearly is for many users - then provided we ensure that the risk from malware is as low as possible, and then ensure they are able to securely log into their online banking or similar service, the risk to the user is significantly reduced," he added.
Watts - who is sales director with SecurEnvoy - went on to say that, whilst most companies clearly need to raise their security game, and keep it that way, there is an arguable case for relatively simple consumer usage of computers not to update their software.
It's not a perfect situation, he admitted, but there are millions of car drivers out there who haven't a clue what happens under the bonnet or how to change a wheel, but they get by with the assistance of a 'man who can,' so - if malware can be kept at bay, and they can use their mobile phone as their authentication medium - their online banking and similar sessions will be as secure as possible.
"As we move to mass market PC ownership, it becomes clear that the traditional - and security aware - users of a computer are going to give way to someone that does not, as this survey identifies, understand how their PC actually functions, let alone know how to update it, so we, as an industry have to develop easy-to-use security that is foolproof as possible," he said.
"Our approach to authentication is based on this principle. Rather than use a hardware token that frightens the average Joe off, consumers can use their mobile phone as the authentication vehicle. They may not understand how tokenless 2FA works, but they will follow the easy instructions, and that's a perfect solution for all types of PC user - regardless of their level of expertise," he added.
For more SecurEnvoy: http://www.securenvoy.com
For more on the latest international survey on attitudes to software updates: http://bit.ly/SQHupm