There’s a lot of debate about which is the most secure web browser. Conventional wisdom says that Microsoft’s Internet Explorer, the most popular browser, is also the least secure because of the attention that hackers pay to it.
However, as other browsers such as Google’s Chrome and Mozilla’s Firefox gain users, they’re also seeing plenty of attacks. And the rate at which browsers receive software updates
The bottom line, according to many security experts: The safest browser is the one that’s used the right way.
On that note, here are some tips IT can pass along to users for safer web browsing:
1. Use your browser’s security features
Since most security threats originate on the Internet, browser makers have been competing to add new security features to protect users and their employers’ networks. However, the user — or IT — must make sure the right features are enabled.
Chrome users can open their browser’s Settings panel, click “Show advanced settings …” and scroll down to the Privacy section.
On Internet Explorer, users can access “Internet Options” in the Tools menu. Firefox users can find “Options” in that browser’s Tools menu.
2. Keep browsers up to date
While developers have put a lot of effort into improving web browser security, companies can’t benefit if users keep running outdated software. But unfortunately, one study found that 40% of all web traffic comes from outdated and unsecured browsers.
In addition to the browsers themselves, using outdated extensions can also create security risks.
3. Be wary of all sites
If IT tells users to avoid dangerous websites, they might assume they’re be safe as long as they avoid pages offering pornography, illegal downloads and other nefarious items.
However, several studies have shown that the most dangerous parts of the Internet often include legitimate sites that have been hijacked by hackers.
4. Look out for phishing
A typical web-based security attack involves a user visiting a malicious site which then installs malware, steals information or completes other actions on behalf of hackers. So for those attacks to occur, users are directed to those sites, often through phishing attacks.
IT can train users to avoid phishing attacks and be suspicious of links that are sent to them via email, social networks, etc.