The greatest danger of Web browsing at work is the hazard posed by the download and execution of unvalidated programs.
These range from scripts embedded in Web pages to screen savers and utilities obtained from plausible but unverifiable sources.
Web browsers generally offer a sophisticated set of security options in both set-up and configuration. Most people, even in the corporate environment, do not use them, and the default configuration is generally pretty wide open.
"Our intranet uses them" is not an adequate justification. And if you are using Internet Explorer, be aware that there is a hidden "My Computer" security zone, which is pretty lax by default. It can only be managed using a special admin tool, but you should definitely get this tool and use it, as it is potentially hazardous to leave this zone set on defaults.
Learn about your browser, find out about its security options, and define a minimum required set of facilities for your business needs. You do not have to study technical threats in detail. A huge difference can be made just by turning off everything you don't actually require.
Then create and enforce a browser configuration policy to keep all your browsers tuned for greater safety, and make it stick by training your users about the risks.
Mike Barwise is a consultant at www.ComputerSecurityAwareness.com
This was first published in July 2002