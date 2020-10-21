Only one tenth of Finns are properly acquainted with the privacy terms of their websites before accepting them, according to a survey.

These phrases are encountered on almost every website today. A lot of people click on them no more thinking yes, ok and I accept.

Websites accepting the terms without thinking is the most typical example of security fatigue that has struck people. The software company Tietoevry woke up to this observation after commissioning a survey on Finns’ attitudes towards digital services.

More than one-fifth of Finns never read the privacy terms of websites before accepting them, and almost 70 percent only read them sometimes.

In other words, less than a tenth of Finns pay significant attention to the conditions.

“Everyone is sure to recognize such fatigue in their own lives. Of course, everyone has different experiences of the situations in which they are involved in civil and working life, ”says the information security expert of the Cyber ​​Security Center of the Finnish Transport and Communications Agency. Matias Messi.

Second a typical indication of security fatigue is the attitude towards passwords and logon methods for various digital services.

People use easily inferred or even the same passwords for different services, and log in to multiple services with login information for the same service, such as a Facebook username and password for other companies ’sites.

Vice President, Information Security, Tietoevry Maria Nordgrenin think it is often a matter of crosstalk thinking.

“However, I do not understand these settings, so I accept them. Or one might think that why would any cyber criminal be interested in my information, so what does it matter, ”he describes.

At the same time, cybercriminals are constantly making more diligent phishing scams and other cyber scams.

At worst security fatigue can result in, for example, theft of credit card information, the installation of blackmail programs on a computer, identity theft, or access to employer databases.

According to the Cyber ​​Security Center of the Finnish Transport and Communications Agency, more than a million scam calls have already been made to Finnish telephone numbers, for example in the name of Microsoft’s technical support.

Honey therefore, whenever you register for various services, you recommend that you stop for 5-10 minutes and find out in complete peace what you are logging in to and what information you are giving about yourself.

“That way, when it works, you don’t have to be annoyed afterwards. The guide applies to all online behavior in general. It’s always a good idea to check, for example, which links you click and which email attachments you open. ”

Calm in addition to discretion, the Cyber ​​Security Center has two key pieces of advice for anyone weighed down by security fatigue.

They can control most of the security threats in your own life without taking up an unreasonable amount of time with the art.

1. Keep updates up to date automatically

choose settings on your computer, phone, and any other device connected to the Internet to install the latest updates automatically.

“That’s when you know that security and other updates are up-to-date whenever they come from the manufacturers.”

2. Enable multi-step authentication

Multi-stage means that you cannot log in to the service with just a username and password.

In addition to these, you also need some other certificate to actually be the user account holder. In many cases, such a certificate is either a confirmation requested by the mobile application or a one-time login code sent to the mobile phone via message.

“Multi-stage authentication ensures that if, for some reason, someone knew your password or leaked it, an attacker would still not be able to access the service with your username, as they would have to use your phone in addition to your password.”

Multi-stage authentication is used in many services. It can be found on Facebook, Google and Microsoft, for example.

Multi-stage authentication should at least protect email, frequently used sometiles, and services that have access to credit card information or that allow you to sign in to multiple services, Mesi says.

Responsibility Of course, the safe and privacy-friendly use of the internet cannot be pushed only on the shoulders of individuals. Businesses and authorities have a huge responsibility in how security and privacy issues are implemented in their services.

“Ideally, security would already be built into the service so that it would be safe for everyone to use,” says Messi.

For example, if services always required a multi-step or other login method that is more secure than a password, users would be left with no other options.

Progress has also been made. Nordgren describes it as that before, his role as security officer was usually to get involved in projects at the stage when they were implemented and “then sprinkle security on”.

Today, the situation is usually that security is involved in the design from the beginning.

A year ago, the Cyber ​​Security Center, for its part, unveiled the Security Label, which guarantees that security issues related to a smart device or application have been properly addressed.

On development despite a survey commissioned by Tietoevry, only three per cent of Finns consider companies to be highly reliable processors of personal data and half fairly reliable.

Four quarters of Finns considered the authorities to be very reliable and almost two out of three considered them to be quite reliable.

In Finland, the survey was carried out by Tietarevry on behalf of Kantar TNS in September. There were 1,046 respondents, and the margin of error in the survey is five percentage points in its direction.