Learning about Internet Security
Learning about Internet Security is a new column in the ASIS SFBA Chapter newsletter. Each month it will deal with a different aspect of Internet Security. Our first topic will deal with Built-In Web Browser Security. Built-in Web Browser SecurityIs your new version of web browser as secure as your neighbor's new version? Being the same version does not necessarily mean that both offer the same levels of security protection. Web browser manufacturers produce versions of their software that contain different levels of data encryption even though they call them the same version. Why the confusion? Simply put, marketing. Since you are not really able to "see" that your data has been more securely encrypted, the marketing emphasis of new versions needed to be placed on the other features of the web browser. By default, the visitor would also be offered the less-secured version of the web browser to accommodate the widest range of computer types. How do you find out what security protection your web browser has? If you are using MS Internet Explorer 5.0 or greater, you can click on HELP, ABOUT INTERNET EXPLORER, from the menu list then look at the line titled, "Cipher Strength" to find out your security encryption level. For Netscape Navigator versions before 4.7, look in HELP, ABOUT and look to see if it supports International Security. The International Security version is 56-bit encryption, whereas the "Local" or "US" versions are 128-bit encryption. For Netscape Navigator 4.7, you will need to be online. Bring up your NN 4.7 and go to http://cgi.netscape.com/cgi-bin/su/intro.cgi, the web site will tell you the security level of your web browser. If you find that you are using a lower encryption rated web browser, you should immediately download the more secure version and install it right away. As a general precaution, be sure to write down the URL addresses of any special saved links that you may have before installing the updated version. You may also wish to write down your dial-up configuration information and your email settings. Another security feature built into most web browsers is the ability to keep secured web pages that you have downloaded from being saved in your web browser's cache. This prevents unscrupulous individuals from searching through your cache and retrieving your sensitive information from secured documents. This is an option that you will need to enable yourself in your web browser because it is not the default setting. Currently, virus protection is not normally built into web browsers. This task has been left to companies that have to ability to stay on top of this type of information more efficiently. However, web browsers do have "hooks" that allow them to work well with virus protection software. Security certificates are used by many companies to digitally sign Internet code, applications, and financial transactions. Your web browser has the ability for unsigned content to be detected, and then based on your chosen settings, either automatically accepted, rejected, or offered to you for a decision. Likewise, "cookies" can be handled in the same manner. More of a security breach than a security feature is your web browser's ability to store IDs and passwords. Unless you are extremely confident that your computer's security will not be compromised, you should probably not let authorization information be saved by your web browser. In conclusion, although your web browser has built-in rudimentary security measures you will still need to use third-party software to provide optimum security protection. Remember that, even though your web browser has these built-in security features, they will not do anything to protect you until you make sure that they are enabled and configured for your requirements. Next Month's Topic: Cookies By Steve
Duell
|
