Shields Up, Commander Data

Tired of getting burned by browser hijackers and other malicious code? Change your browser security settings and take advantage of the security zones built into Internet Explorer to easily surf safe sites while keeping security high for those sites you don't trust or aren't sure about

When you first start Internet Explorer, the security is set to medium. Microsoft developers sitting behind their corporate firewalls and DMZs decided this was the most reasonable mix of security and ease-of-use. But most of us aren’t sitting behind corporate firewalls and DMZs with a whole host of security experts monitoring our Internet access. We need to keep our doors and windows locked.

Internet Explorer offers four “content zones,” each with its own security level that allow you to define how much security you want to use to protect your PC from spyware, viruses and rogue content on web sites you visit.

1. Internet Zone – This zone contains all web sites you have not placed in another zone.

2. Intranet Zone – This site contains all sites on your local intranet and really doesn’t apply to home or most small offices.

3. Trusted Sites – This zone is where you can add the URL of sites you trust not to damage your computer or data.

4. Restricted Sites – This zone is where you put sites that cannot be trusted not to damage your PC or data.

Rather than accept the “medium” default setting on the Internet Zone, I set this to “high.” This blocks downloads and potentially dangerous Active-X code. I usually add sites I visit often, such as news sites and business sites, to my Trusted Sites list. This takes about 30 seconds per site and means I can see all content and download files without problems. I only do this to mainstream sites.

If you aren’t sure about a site, you can temporarily reduce your Internet Zone security to medium to view the site but remember to reset it to high when you leave. I avoid file-sharing sites such as Kazaa and MP3 sites like the plague. In my work as a consultant I have seen more PCs infected by these sites and peer-to-peer file sharing than any other method.

My rule of thumb is; if you can’t see the majority of information on a web site without reducing your security setting from high, you really don’t want to go there.

If you do plan to install some sort of napster-like peer-to-peer file sharing, my recommendation is to acquire a second PC that is used strictly for this purpose. This way, when a virus, hijacker or rogue script does infect you, the infection will not be on a PC that contains important data or programs.

In the workplace, every company should have a policy that no such peer-to-peer (P2P) programs are allowed on company PCs, on pain of termination. Most big companies automatically block these sorts of applications.

All of this security is easy to get to in Internet Explorer. From the main menu select “Tools Internet Options” and click on the “Security” tab. From here you can set the security level of each zone as well as add or remove sites from your Trusted or Restricted site lists.

Yes, this may be more work than you’d like but wait until your browser is hijacked and you will understand why paying a little attention to security settings can save you a lot of grief.