Respect the Browser – Security Awareness Recommendations

Security awareness training usually incorporates web security topics. The message needs to be brief and relevant to non-techies, so they will pay attention. Consider focusing the audience’s attention on the browser—a tool that, for most people, personifies the web both at home and at work.

The title of this list was inspired by the Respect the Escalator safety poster I saw in the New York City Subway: Respect the Browser.

  • Watch the typos. Use bookmarks for the websites you visit frequently to avoid arriving at copycat or otherwise malicious sites (in other words, paypal.com is very different from pajpal.com).
  • Patch the software. Configure the browser and its add-ons, such as Flash and PDF reader, to automatically download install security updates.
  • Use encryption. Make sure that the website address starts with HTTPS when sending sensitive data to protect it from being intercepted.
  • Log out. To end a session with a sensitive website where you needed to log in, click the log out button. Simply closing the browser window might not be enough.
  • Beware of public computers. Avoid accessing sensitive data when logging in from public systems, such as library PCs or Internet kiosks. They might be infected.
  • Protect the browser. Use anti-virus software with features that include a browser security modules to block web exploits and flag malicious links.

If you could only share 6 brief web safety recommendations with non-technical computer users, how similar would your list be to mine?

Lenny Zeltser

Updated

About the Author

Lenny Zeltser develops teams, products, and programs that use information security to achieve business results. Over the past two decades, Lenny has been leading efforts to establish resilient security practices and solve hard security problems. As a respected author and speaker, he has been advancing cybersecurity tradecraft and contributing to the community. His insights build upon 20 years of real-world experiences, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more