It should come as no surprise that Check Point, the vendor for ZoneAlarm, ends its infographic with the assertion that "best practices" for computer security simply consist of having a firewall with capabilities found in ZoneAlarm but not Windows Firewall, plus antivirus software. As the infographic's various sections discussed "best practices" leading up to that statement, I started wondering how the heck "best practices" were measured to be able to get some kind of survey data about how much baby boomers tended to adhere to such practices relative to people in generation Y, and "all personal computing security experts" (a pretty wild claim itself) did not help define that.
If the only things needed for "security best practices" are antivirus software and "a two-way firewall", I'm unimpressed. In fact, if that's how the person putting together this infographic measures the baby boomer generation's supposedly superior security acumen relative to that of generation Y, that might explain the much higher rate of concern for email threats amongst baby boomers relative to generation Y, as indicated in the infographic. It looks like the infographic may have started out with an extremely simplistic view of what constitutes "security best practices", then went on from there to compile statistics that were skewed significantly from practical reality by the assumptions derived from that view.
The truth, for instance, is probably that a higher percentage of baby boomers use ZoneAlarm than generation Y people in the survey, the latter mostly just using Windows Firewall, not because of any greater conscious adherence to "security best practices" but because the latter have been more exposed to the existence of Windows Firewall and less so to that of ZoneAlarm than baby boomers. If you asked all the people in the surveyed demographics about the differences between the two consumer firewalls, I'm pretty sure the baby boomers would not fare particularly better at accurately describing the differences -- possibly worse, depending on whether you measured by the number of them who had heard of it and hazarded a guess that did not sound particularly wrong-headed or by the (much, much smaller) number of them who had some actually meaningful knowledge of the difference.
It is also likely that the higher percentage of generation Y than baby boomers who think they are "knowledgeable about security" is due to generation Y actually averaging a more sophisticated (though still deficient, overall) grasp of security issues and how to deal with them than baby boomers, where generation Y is probably marked by a tendency toward greater knowledge about things like Facebook and Twitter exploits, email spoofing and phishing scams, and other issues related to "social networks" and social engineering, while baby boomers are probably more focused on the simple things like installing the same consumer firewall that someone recommended to them last century and keeping antivirus software up to date. Furthermore, the fact that generation Y participants in the survey reported higher rates of security issues in the preceding two years raises a couple of questions:
1. Why not the preceding one year, or the preceding three years? Do the statistics for people who tend to use ZoneAlarm more often start looking worse than those for their generation Y counterparts for those time periods?
2. Is the higher rate of reported security issues a result of generation Y survey participants a result of recognizing more of the issues that have affected them as security issues? In my time as a small business and residential IT consultant years ago, baby boomers who had rampant malware infections in their home computers more often than not thought they just had broken computers that needed to be fixed, and no recognition of the fact their systems had been compromised by automatically propagating malicious code. If asked before I showed up and helped them recover their computing lives, they would not have reported having any security issues. A greater understanding of security matters would have changed that answer, however. Other possibilities for misreporting security compromise rates might include more sensitivity to embarrassment over compromises and not even knowing about cases where millions of users of sites they use having their passwords and credit card numbers harvested.
Even the indications that 58% of baby boomer participants consider security more important than productivity, entertainment, information, and community, with only 31% of generation Y participants making the same determination, may not actually indicate greater security knowledge or better security practices, of course. For one thing, depending on how the relevant survey question was asked, members of generation Y may have regarded it as being about particular software selections or other static system configurations, regarding themselves as being better protected by their own ability to recognize scams than by security software product lines, while baby boomers who lacked the ability to recognize phishing scams and other social engineering threats may have reversed that perspective on important security practices.
This is a common problem with vendor-designed infographics like these: they provide no context in the form of information about survey methodology aside from what we can glean from guesses at what questions might have yielded the results presented, to say nothing of the fact we have no idea what survey questions might have been asked but their results ignored when it came time to develop an infographic that helps sell their products.
Keep Up with TechRepublic