Details
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020 |
| Pages | 359-378 |
| Number of pages | 20 |
| ISBN (electronic) | 9781939133168 |
| Publication status | Published - 2020 |
| Event | 16th Symposium on Usable Privacy and Security, SOUPS 2020 - Virtual, Online Duration: 10 Aug 2020 → 11 Aug 2020 |
Publication series
| Name | Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020 |
|---|
Abstract
Cloud Office suites such as Google Docs or Microsoft Office 365 are widely used and introduce security and privacy risks to documents and sensitive user information. Users may not know how, where and by whom their documents are accessible and stored, and it is currently unclear how they understand and mitigate risks. We conduct surveys with 200 cloud office users from the U.S. and Germany to investigate their experiences and behaviours with cloud office suites. We explore their security and privacy perceptions and expectations, as well as their intuitions for how cloud office suites should ideally handle security and privacy. We find that our participants seem to be aware of basic general security implications, storage models, and access by others, although some of their threat models seem underdeveloped, often due to lacking technical knowledge. Our participants have strong opinions on how comfortable they are with the access of certain parties, but are somewhat unsure about who actually has access to their documents. Based on our findings, we distill recommendations for different groups associated with cloud office suites, which can help inform future standards, regulations, implementations, and configuration options.
ASJC Scopus subject areas
- Computer Science(all)
- Computer Networks and Communications
- Engineering(all)
- Safety, Risk, Reliability and Quality
Cite this
- Standard
- Harvard
- Apa
- Vancouver
- BibTeX
- RIS
Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020. 2020. p. 359-378 (Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020).
Research output: Chapter in book/report/conference proceeding › Conference contribution › Research › peer review
}
TY - GEN
T1 - Cloudy with a chance of misconceptions
T2 - 16th Symposium on Usable Privacy and Security, SOUPS 2020
AU - Wermke, Dominik
AU - Huaman, Nicolas
AU - Stransky, Christian
AU - Busch, Niklas
AU - Acar, Yasemin
AU - Fahl, Sascha
PY - 2020
Y1 - 2020
N2 - Cloud Office suites such as Google Docs or Microsoft Office 365 are widely used and introduce security and privacy risks to documents and sensitive user information. Users may not know how, where and by whom their documents are accessible and stored, and it is currently unclear how they understand and mitigate risks. We conduct surveys with 200 cloud office users from the U.S. and Germany to investigate their experiences and behaviours with cloud office suites. We explore their security and privacy perceptions and expectations, as well as their intuitions for how cloud office suites should ideally handle security and privacy. We find that our participants seem to be aware of basic general security implications, storage models, and access by others, although some of their threat models seem underdeveloped, often due to lacking technical knowledge. Our participants have strong opinions on how comfortable they are with the access of certain parties, but are somewhat unsure about who actually has access to their documents. Based on our findings, we distill recommendations for different groups associated with cloud office suites, which can help inform future standards, regulations, implementations, and configuration options.
AB - Cloud Office suites such as Google Docs or Microsoft Office 365 are widely used and introduce security and privacy risks to documents and sensitive user information. Users may not know how, where and by whom their documents are accessible and stored, and it is currently unclear how they understand and mitigate risks. We conduct surveys with 200 cloud office users from the U.S. and Germany to investigate their experiences and behaviours with cloud office suites. We explore their security and privacy perceptions and expectations, as well as their intuitions for how cloud office suites should ideally handle security and privacy. We find that our participants seem to be aware of basic general security implications, storage models, and access by others, although some of their threat models seem underdeveloped, often due to lacking technical knowledge. Our participants have strong opinions on how comfortable they are with the access of certain parties, but are somewhat unsure about who actually has access to their documents. Based on our findings, we distill recommendations for different groups associated with cloud office suites, which can help inform future standards, regulations, implementations, and configuration options.
UR - http://www.scopus.com/inward/record.url?scp=85091850032&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85091850032
T3 - Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020
SP - 359
EP - 378
BT - Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020
Y2 - 10 August 2020 through 11 August 2020
ER -