Section V: Proper Web Usage

A "web browser" is software used to browse the World Wide Web on the Internet. The web browser is the most used piece of software on most computers. There are many different web browsers (such as Microsoft Internet Explorer & Edge, Mozilla Firefox, Safari, Opera, Google Chrome, etc.) to choose from but regardless of your choice, your web browser software must always be kept up-to-date.

The most commonly used and exploited web browser is Microsoft Internet Explorer, followed by Mozilla Project's Firefox. It is up to you, as the end user, to secure your web browser. This may not always translate into an actual browser or operating system configuration but may mean being aware of your web browsing behavior. There are certainly some good tips to securing the web browser that you can configure (covered in the following pages), however, you will find less malware (spyware, adware, worms, and viruses) on your computer by changing your browsing habits and being more aware of your clicking. Almost all the browser exploits require that you click on something.

Now let us come back to reality and realize that people are going to click on stuff that could trigger malicious software to run on your computer. So, the strategy is two-fold: to maintain a secure environment and be an educated user. Regardless of your web browser choice, you should implement the tips in the remainder of this section to help protect you from being vulnerable. Whether they are patched vulnerabilities, unpatched vulnerabilities, or behavior-based vulnerabilities, you need to protect your computer.

What's the most popular web browser? Google Chrome Apple Safari Firefox Internet Explorer & Edge

Browser Weaknesses

Microsoft Internet Explorer has had its share of problems. This year alone Microsoft has already released numerous updates that fix various security problems for vulnerabilities that have been recognized by Microsoft. Vulnerabilities that have not yet been fixed by Microsoft also exist and pose an even greater threat, because there is no patch for them, yet. Most problems have been caused by the use of Active X. Since the Active X interfaces lack security safeguards, the potential for security problems were more likely to occur with Active X than without it.

Another weakness is that you can leave an opening into your system by being logged on as the administrator while surfing the web. This could allow malware to be installed on your computer without your knowledge since administrators have the authority to install software into the system. To close this opening, you need to create a new user account that does not have administrator privileges and use it for surfing the web. Only use your Administrator account when actually installing software.

You've probably seen where Internet Explorer offers to remember values and even fill in forms for you automatically. Some of that information is pretty sensitive, such as credit card numbers or passwords. It is supposedly kept safe for you in protected storage. Well, it's not protected! A number of tools available on the Internet can decrypt the data in real time. It is almost impossible to clean up. You may not want Internet Explorer (or for that matter, any browser) to save that information if there is any chance someone else may be able to access your machine.

We continue to see, many companies warning users of their outdated software and up patched systems. It is very common for hackers to target legitimate websites, exploit their weaknesses and lure unsuspecting victims into their scams.

Some Safe Web Browsing reminders for office and home

• Do keep your web browser up-to-date.
• Do keep your anti-virus software up-to-date.
• Do enable your computer's firewall, set it at medium or better.
• Do use strong passwords and change them often.
• Do not use the same password on multiple sites.
• Do not use the Administrator or Root account to surf the Internet.
• Do disable Active X.
• Do not set your browser to auto-fill.
• Do set your browser to ask before downloading and opening.
• Do protect your personal information.
• Do not click on links in pop-ups; think before you click.
• Do be cautious of Instant Messages and email links.
• Do avoid Copyright Infringements.