February 19, 2015
Safeguard Your Browser: 5 Critical Tips For Web Browser Security
Try an experiment: see how long you can use your computer without opening a web browser. That means no web search, no social media, no shopping, and no news. No browser also means you can’t use web apps: no web documents, no web databases, and no webmail. (That last item seems appealing…)
For many of us, such an experiment would last just a few minutes because a web browser connects us to the world. It may be the most important and most used application on your system. Now, here’s how to keep that connection secure.
Don’t click “yes”: install from safe sources only
When you see a message that tells you to install anything, stop. That app that offers to save you time, money, or let you view a video might be malware.Check with your IT advisor to obtain their approval first.
Once you’ve received the “OK”, only install items from safe sources: the vendor’s download site or your browser’s add-in store. For example, if you must install Adobe Flash, type www.adobe.com and navigate the site to download Flash directly from Adobe. Install add-ons and extensions only from the official browser sites: iegallery.com for Internet Explorer, chrome.google.com/webstore for Chrome, addons.mozilla.org for Firefox, and extensions.apple.com for Safari.
Look for the lock
Look for the lock before you enter information or order from a website. Most modern browsers display a green lock to indicate a secure connection between your browser and the site you’re visiting. If you don’t see the indicator, don’t share any information.
Save and sync selectively
After you enter your username and password for a site, most browsers ask “Would you like to store this password?” While that may be convenient, such a practice isn’t secure—especially since not all systems encrypt the information stored on your system. You’re safer to decline such an offer. Instead, use a password manager program that encrypts your stored logins and passwords. (Learn more about password managers and additional ways to secure your accounts here.)
Similarly, most modern platforms and browsers allow you to sync settings to various devices. Log into a browser (or device), allow it to sync, then you’ll have access to your saved sites, browsing history, and settings. Allow this sort of sync only on devices you fully control in a secure location. For maximum security, don’t allow this sort of sync—ever.
If you log in, log out
Do this one exactly as it reads: if you log in to a website, log out when you leave. Visit Facebook.com? Log in. When you’re done visiting Facebook…log out. The same is true for every site you visit: when you place an online order, update your organization’s database, or join a web meeting. When you’re done, log out.
In some cases—think, Gmail—you might stay logged in during the day, then log out when you leave. In other cases—think, Amazon.com—login to order an item, then log out. When you log out, you improve security: no one can sit down at your computer and access your account without your login. (unless you saved your username and password, which we told you NOT to do above!)
Clear and backup everything
Finally, you can always delete browser information. Internet Explorer, Chrome, Firefox, and Safari all provide methods to delete or reset locally stored info. These methods only clear profiles and settings for the browser—they don’t impact files you’ve downloaded and stored elsewhere. Also, be aware that a browser reset can’t clear information that other computers have stored about your activity. Your activity may still be stored by the sites you’ve visited, or by monitoring tools elsewhere on your network.
A system that never connects to a network will be more secure, but a disconnected system is also not very useful. A network connection presents an inherent risk: browse to the wrong site, hit “enter” too quickly, and your browser could be compromised. Make sure to backup your data so that you can quickly recover and resume work if that happens.
In the end, the only truly secure system may be one that never connects to a network, but such a system would be of little use. So go ahead: connect and browse—just make sure to stay safe when you do.