Still looking for the right New Year’s Resolution? We’ve got one for you: develop secure web browsing habits. Given the range of threats facing Internet users today, it is critical that users learn to protect themselves while browsing the web. Our second post in our “Cybersecurity 101” series offers our recommendations for browsing the Internet safely.
Best Practices for Secure Browsing
There are several habits that you should develop to improve the security of your online activities. While the following list may seem like a lot to manage, most of these recommendations are simple and following them will significantly bolster your browsing security.
Keep your browser software up-to-date: This is crucial, as new patches are often released to fix existing vulnerabilities in browser software. This recommendation doesn’t apply solely to browser software – it is critical to keep operating system software and any other software you have up-to-date for the same reason.
Run anti-virus software: Anti-virus software provides protection by scanning for and removing malicious files on your computer. There are many excellent options for virus protection software (both paid and free), so it is up to you to do a little research and select a program that best fits your needs.
Scan files before downloading: It is important to avoid downloading anything until you’re confident that it is secure. If you have any suspicion that a file may not be legitimate or may be infected, scan it with antivirus software before downloading.
Watch out for phishing: Phishing attacks use online communications (usually email) to trick users into giving out their sensitive information. Often times these messages appear to be from banks, social media sites, shopping sites, or payment processers. Phishing messages frequently contain links that lead to counterfeit versions of popular sites. You can avoid falling victim to phishing schemes by ignoring unsolicited messages and not clicking on hyperlinks or attachments in emails (type or copy/paste the URL as it appears instead).
Don’t reuse passwords: Using the same password for multiple sites only makes it easier for attackers to compromise your sensitive information. Instead, keep track of your different passwords with a handwritten list that you keep in a safe place or come up with your own algorithm for creating unique passwords that only you would know. It is also recommended that you change your passwords every 90 days.
Use HTTPS: The “s” in “https” stands for secure, meaning that the website is employing SSL encryption. Check for an “https:” or a padlock icon in your browser’s URL bar to verify that a site is secure before entering any personal information.
Read privacy policies: Websites’ privacy policies and user agreements should provide details as to how your information is being collected and protected as well as how that site tracks your online activity. Websites that don’t provide this information in their policies should generally be avoided.
Regularly monitor your bank statements: Keeping an eye on your online statements will allow you to react quickly in the event that your account has been compromised.
Avoid public or free Wi-Fi: Attackers often use wireless sniffers to steal users’ information as it is sent over unprotected networks. The best way to protect yourself from this is to avoid using these networks altogether.
Disable stored passwords: Nearly all browsers and many websites in general offer to remember your passwords for future use. Enabling this feature stores your passwords in one location on your computer, making them easier for an attacker to discover if your system gets compromised. If you have this feature enabled, disable it and clear your stored passwords.
Turn on your browser’s popup blocker: Popup blocking is now a standard browser feature and should be enabled any time you are surfing the web. If it must be disabled for a specific program, turn it back on as soon as that activity is complete.
Following these 11 tips will go a long way in protecting you from attackers, malware, and many of the other threats that we all face online - now that’s a resolution worth keeping! Keep an eye out for our next “Cybersecurity 101” post on configuring security settings for today’s most popular browsers, including Chrome, Firefox, Internet Explorer, and Safari. Happy New Year all!
Nate joined Veracode as a marketing specialist in early 2012. He is one of Veracode’s first co-ops from Northeastern University, where he is majoring in entrepreneurship and new venture management while minoring in music. He has various responsibilities at Veracode, including blogging, SEO, and infographic design.
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.