Smartphone owners need security advice. How can we ensure they get it?

Computer users often behave insecurely, and do not take the precautions they ought to. One reads almost daily about people not protecting their devices, not making backups and falling for phishing messages. This impacts all of society since people increasingly carry a computer in their pockets: their smartphones. It could be that smartphone owners simply do not know enough about security threats or precautions. To address this, many official bodies publish advice online. For such a broadcast-type educational approach to work, two assumptions must be satisfied. The first is that people will deliberately seek out security-related information and the second is that they will consult official sources to satisfy their information needs. Assumptions such as these ought to be verified, especially with the numbers of cyber attacks on the rise. It was decided to explore the validity of these assumptions by surveying students at a South African university, including both Computer Science and Non-Computer Science students. The intention was to explore levels of awareness of Smartphone security practice, the sources of advice the students used, and the impact of a Computer Science education on awareness and information seeking behaviours. Awareness, it was found, was variable across the board but poorer amongst students without a formal computing education. Moreover, it became clear that students often found Facebook more helpful than public media, in terms of obtaining security advice

Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do

Smartphone apps can harvest very personal details from the phone with ease. This is a particular privacy concern. Unthinking installation of untrustworthy apps constitutes risky behaviour. This could be due to poor awareness or a lack of knowhow: knowledge of how to go about protecting privacy. It seems that Smartphone owners proceed with installation, ignoring any misgivings they might have, and thereby irretrievably sacrifice their privacy

Cyber security education is as essential as “The Three R’s”

Smartphones have diffused rapidly across South African society and constitute the most dominant information and communication technologies in everyday use. That being so, it is important to ensure that all South Africans know how to secure their smart devices. This requires a high level of security awareness and knowledge. As yet, there is no formal curriculum addressing cyber security in South African schools. Indeed, it seems to be left to Universities to teach cyber security principles, and they currently only do this when students take computing-related courses. The outcome of this approach is that only a very small percentage of South Africans, i.e. those who take computing courses at University, are made aware of cyber security risks and know how to take precautions. Moreover, because this group is overwhelmingly male, this educational strategy disproportionately leaves young female South Africans vulnerable to cyber attacks. We thus contend that cyber security ought to be taught as children learn the essential “3 Rs” – delivering requisite skills at University level does not adequately prepare young South Africans for a world where cyber security is an essential skill. Starting to provide awareness and knowledge at primary school, and embedding it across the curriculum would, in addition to ensuring that people have the skills when they need them, also remove the current gender imbalance in cyber security awareness

Why Do People Adopt, or Reject, Smartphone Password Managers?

People use weak passwords for a variety of reasons, the most prescient of these being memory load and inconvenience. The motivation to choose weak passwords is even more compelling on Smartphones because entering complex passwords is particularly time consuming and arduous on small devices. Many of the memory- and inconvenience-related issues can be ameliorated by using a password manager app. Such an app can generate, remember and automatically supply passwords to websites and other apps on the phone. Given this potential, it is unfortunate that these applications have not enjoyed widespread adoption. We carried out a study to find out why this was so, to investigate factors that impeded or encouraged password manager adoption. We found that a number of factors mediated during all three phases of adoption: searching, deciding and trialling. The study’s findings will help us to market these tools more effectively in order to encourage future adoption of password managers

Perceived risk and sensitive data on mobile devices

This paper reports on a survey to investigate the behaviour and assumptions of smartphone users, with reference to the security practices adopted by such users. The primary objective was to shed light on the level of information security awareness in smartphone users and determine the extent of sensitive information such users typically hold on these mobile devices

Encouraging Privacy-Aware Smartphone App Installation: What Would the Technically-Adept Do

Smartphone apps can harvest very personal details from the phone with ease. This is a particular privacy concern. Unthinking installation of untrustworthy apps constitutes risky behaviour. This could be due to poor awareness or a lack of knowhow: knowledge of how to go about protecting privacy. It seems that Smartphone owners proceed with installation, ignoring any misgivings they might have, and thereby irretrievably sacrifice their privacy

Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do

Smartphone apps can harvest very personal details from the phone with ease. This is a particular privacy concern. Unthinking installation of untrustworthy apps constitutes risky behaviour. This could be due to poor awareness or a lack of knowhow: knowledge of how to go about protecting privacy. It seems that Smartphone owners proceed with installation, ignoring any misgivings they might have, and thereby irretrievably sacrifice their privacy

Cyber security education is as essential as “the three R's”

Smartphones have diffused rapidly across South African society and constitute the most dominant information and communication technologies in everyday use. That being so, it is important to ensure that all South Africans know how to secure their smart devices. Doing so requires a high level of security awareness and knowledge. As yet, there is no formal curriculum addressing cyber security in South African schools. Indeed, it seems to be left to universities to teach cyber security principles, and they currently only do this when students take computingrelated courses. The outcome of this approach is that only a very small percentage of South Africans, i.e. those who take computing courses at university, are made aware of cyber security risks and know how to take precautions. In this paper we found that, because this group is overwhelmingly male, this educational strategy disproportionately leaves young South African women vulnerable to cyber-attacks. We thus contend that cyber security ought to be taught as children learn the essential “3 Rs”—delivering requisite skills at University level does not adequately prepare young South Africans for a world where cyber security is an essential skill. Starting to provide awareness and knowledge at primary school, and embedding it across the curriculum would, in addition to ensuring that people have the skills when they need them, also remove the current gender imbalance in cyber security awareness

The Revolution of Mobile Phone-Enabled Services for Agricultural Development (m-Agri Services) in Africa: The Challenges for Sustainability

The provision of information through mobile phone-enabled agricultural information services (m-Agri services) has the potential to revolutionise agriculture and significantly improve smallholder farmers’ livelihoods in Africa. Globally, the benefits of m-Agri services include facilitating farmers’ access to financial services and sourcing agricultural information about input use, practices, and market prices. There are very few published literature sources that focus on the potential benefits of m-Agri services in Africa and none of which explore their sustainability. This study, therefore, explores the evolution, provision, and sustainability of these m-Agri services in Africa. An overview of the current landscape of m-Agri services in Africa is provided and this illustrates how varied these services are in design, content, and quality. Key findings from the exploratory literature review reveal that services are highly likely to fail to achieve their intended purpose or be abandoned when implementers ignore the literacy, skills, culture, and demands of the target users. This study recommends that, to enhance the sustainability of m-Agri services, the implementers need to design the services with the users involved, carefully analyse, and understand the target environment, and design for scale and a long-term purpose. While privacy and security of users need to be ensured, the reuse or improvement of existing initiatives should be explored, and projects need to be data-driven and maintained as open source. Thus, the study concludes that policymakers can support the long-term benefit of m-Agri services by ensuring favourable policies for both users and implementers