Security experts and users follow a drastically different set of best practices to protect their security online, according to a new report from Google.
The company, which surveyed 231 security experts and 294 web users, found that the experts--defined as working five or more years in computer security--placed software updates, unique passwords and two-factor authentication atop their list of online security best practices.
Users, however, prioritized their top security measures differently: They listed antivirus software, strong passwords and frequent password changes. Users also admitted to delaying the installation of software updates and expressed a lack of trust in password managers.
"To improve security advice, our community must find out what practices people use and what recommendations, if messaged well, are likely to bring the highest benefit while being realistic to ask of people," the report said. "The experts' practices are rated as good advice by experts, while those employed by non-experts received mixed ratings."
Here's a look at where security experts and users differed the most.
Average users don't prioritize software updates
Installing software updates was the security practice that differed the most between security experts and users, according to the report. Thirty-five percent of experts mentioned it as a top security tactic, compared to just 2 percent of non-experts. This was the No. 1 security action the surveyed experts took, while it didn't crack the top five for average users.
Users' behavior toward software updates mirrored their attitudes toward them as well: While 39 percent of experts reported automatically installing security updates, 29 percent reported doing the same. Less than half of the users surveyed considered advice to update applications very effective, yet two-thirds said they were very likely to follow it.
"Our results suggest that one reason some non-experts don't install updates might be the lack of awareness on how effective updates are," the report said. It cited examples from respondents who worried that updates could be abused to spread malicious content and the possibility that they contained bugs. Other respondents called the process of updating software "cumbersome."
Average users trust antivirus software the most
While average users don't prioritize software updates, they do value antivirus software, which they ranked No.1. Forty-two percent listed running antivirus software on their personal computers, and 90 percent said they considered it either very effective or effective. Meanwhile, antivirus software made the list on just 7 percent of experts' top priorities.
"The high adoption of antivirus software among non-experts and their high willingness to follow this advice might be due to the good usability of the install-once type of solution that antivirus software offers,"the report said.
Sign up for CIO Asia eNewsletters.