Security for free: Don't let staff download files


Turn off some browser settings and change the supplier's defaults

The greatest danger of Web browsing at work is the hazard posed by the download and execution of unvalidated programs.

These range from scripts embedded in Web pages to screen savers and utilities obtained from plausible but unverifiable sources.

Web browsers generally have a sophisticated set of security options in both set-up and configuration. Most people, even in the corporate environment, do not use them though, and the default configuration is generally pretty wide open.

Work out the minimum facilities you need, and limit the browser to just those. For example, most Web users do not need file download for work, only for play; no one needs auto-update of the browser or font download, so turn them off. You should seriously consider whether you really need JavaScript and ActiveX, as these are widely exploited.

"Our intranet uses them" is not an adequate justification. And if you are using Internet Explorer, be aware that there is a hidden "My Computer" security zone which is pretty lax by default. You can only manage it using a special admin tool, but you should definitely get this and use it, as it is potentially hazardous to leave this zone set on defaults.

Learn about your browser, find out about its security options, and define a minimum required set of facilities for your business needs. You do not have to study technical threats in detail. A huge difference can be made just by turning off everything you don't actually require.

Then create and enforce a browser configuration policy to keep all your browsers tuned for greater safety, and make it stick by training your users about the risks.

Mike Barwise is a consultant at

This was first published in July 2002

