Security, Availability, and Multiple Information Sources: Exploring - - PowerPoint PPT Presentation

Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators

Christian Tiefenau, Maximilian Häring, Katharina Krombholz, Emanuel von Zezschwitz

Usable Security and Privacy Lab, Universität Bonn, Fraunhofer FKIE, CISPA Helmholtz Center

@chrizzlz @cathykxx

2

End user

3

Updates and administrators?

4

Research Questions

Process Obstacles Sources Tools

5

Interviews

Zelko Markus Alexander Milan Lorenz Cyril Julian 600 x 300 x 150 x 5 x

VM VM

80 x 35 x

VM

16 x 170 x 26 x 10000 x

VM

100 x Unknown

VM

Clients Virtual Machines Servers

6

Process and Obstacles

7

Process and Obstacles

Process Obstacles

Information Deciding Preparation Testing Installation Post-Installation Complexity Heterogeneous Systems Broken Dependencies Planning …

8

Online Survey

67 Participants 22-55 years 34 SME Company size 41 Europe 19 North America 7 Rest of the world 33 Large Reddit Twitter Forums

9

Findings

42% 38% 45% 46% 46% 52% 50% 76% 81% 45% 36% 36% 31% 27% 20% 20% 13% 7% 12% 26% 19% 22% 27% 28% 30% 10% 12%

Risk (n=67) Stability (n=67) Downtime (n=67) Introducing Errors (n=66) Breaking Dependencies (n=66) Priority/Time (n=66) Lack of Information (n=65) Performance (n=67) Lack of Education (n=67)

100 50 50 100

Percentage Response

1 2 3 4 5

0% 20% 40% 60% 80% 100% Online Publication/News Update Management Software Publisher Newsletter Mailing Lists Other External Services Your Users Main Source Additional Source

Sources Process

10

Discussion

11

Conclusion

Process Obstacles Sources Tools

Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators

Christian Tiefenau, Maximilian Häring, Katharina Krombholz, Emanuel von Zezschwitz

Usable Security and Privacy Lab, Universität Bonn, Fraunhofer FKIE, CISPA Helmholtz Center

@chrizzlz @cathykxx

THANK YOU!