Respect the Browser – Security Awareness Recommendations

Security awareness training usually incorporates web security topics. The message needs to be brief and relevant to non-techies, so they will pay attention. Consider focusing the audience’s attention on the browser—a tool that, for most people, personifies the web both at home and at work.

The title of this list was inspired by the Respect the Escalator safety poster I saw in the New York City Subway: Respect the Browser.

  • Watch the typos. Use bookmarks for the websites you visit frequently to avoid arriving at copycat or otherwise malicious sites (in other words, paypal.com is very different from pajpal.com).
  • Patch the software. Configure the browser and its add-ons, such as Flash and PDF reader, to automatically download install security updates.
  • Use encryption. Make sure that the website address starts with HTTPS when sending sensitive data to protect it from being intercepted.
  • Log out. To end a session with a sensitive website where you needed to log in, click the log out button. Simply closing the browser window might not be enough.
  • Beware of public computers. Avoid accessing sensitive data when logging in from public systems, such as library PCs or Internet kiosks. They might be infected.
  • Protect the browser. Use anti-virus software with features that include a browser security modules to block web exploits and flag malicious links.

If you could only share 6 brief web safety recommendations with non-technical computer users, how similar would your list be to mine?

Lenny Zeltser

Updated

About the Author

Lenny Zeltser is a seasoned business and technology leader with extensive information security experience. He presently oversees the financial success and expansion of infosec services and SaaS products at NCR. He also trains incident response and digital forensics professionals at SANS Institute. Lenny frequently speaks at industry events, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.

Learn more