Home  |Philosophy | ICT Services | Services | Enquiries| About Us


Search          
Article Finder          
Sign up  
Download                    
Team          
Links          

 


INTERNET EXPLORER (IE) SECURITY
by Mike Martin
01/07/2004
 

In case you have not yet looked into the features within Internet Explorer (the latest version is 6.0), then it is worthwhile looking at how you can ensure that your security is adequate.  It should be “adequate” such that it allows you to do what you want on the Internet without it being too restrictive.  The following notes may help to explain.

Most threats from using your browser on the Internet come from third parties by-passing your security in some way.  They can then run a small program on your computer (a script) without your knowledge.  This may allow them to use your computer to carry out illegal or malicious activities, or to steal or damage information on your computer.

Some unscrupulous web-sites can also place information on your computer and run scripts that can potentially damage or otherwise harm your computer.

IE provides some extensive facilities for controlling which sites you can visit and which you cannot, and those that you do, it can restrict how that site interacts with your computer.  The problem is one of degree. 

It is wise to be cautious and make security as tight as possible.  However, it should not be so tight (unless you deem it necessary) so as to limit or in some way restrict what you need to do when browsing the Internet.  As with many things, it is a question of judgement of your situation, vulnerability and what you want to do when browsing the Internet.

In order to view and make changes to the security configuration of your copy of IE, you need to go to TOOLS and INTERNET OPTIONS.  Here you will see a multi-tabbed dialogue box.  Select the SECURITY tab.  On the security tab (see below) you will find that the security settings are configured into four categories:  Internet, Local intranet, Trusted sites and Restricted sites.

Each of these zones can be configured independently as follows:

Internet Zone

The settings in this zone will cover all web sites that you visit that are NOT specifically listed in any of the other three zones.  You cannot put a web site address in more than one zone.  There are four levels of security that can be automatically applied in this zone – High (the safest), Medium (this is the default and recommended setting), Medium-Low and Low.  As you move the slider control to each setting, a description of what is allowed and what is not appears to the right of the slider bar.

Local Intranet

This zone automatically includes your local computer drives and any network drives that you have mapped or local web sites that exist on this computer or on your local area network (LAN).

Trusted sites Zone

This zone is provided so that you can specifically list web sites that you implicitly trust.  They could include your bank web sites for example, most of whom have impeccable security and would not compromise your system in any way.  By clicking on the SITES button in this zone, a dialogue box appears where you can enter the web addresses (URLs) of any site that you trust completely.

Restricted sites Zone

This zone already contains a list of web sites that are deemed to be a danger by default, and it will deny all access to these sites.  You can add any sites that you specifically want to deny access to for you or any other users of your computer. 

The most obvious way of configuring your copy of IE would be to set the Internet Zone to Medium (recommended) or even High (if you are particularly concerned about security), and then enter the web site addresses of your most trusted sites into the Trusted Sites zone.  In this way, you are fully protected from interference from all web sites, since only your trusted sites will be able to run scripts and place information on your computer.

Some words of caution

If you follow the above route, you must be sure to enter the correct web addresses of your trusted sites into the trusted zone listing.  It must also include any variations in web addresses – for example, when accessing many sites, bank sites for instance, they will often re-direct you to other internal bank sites for specific functions.  The web addresses of these redirections must also be included in the list, or else they will be unavailable to you.  Similarly, if any scripts are run by these re-directed sites, then you will not be able to access the sites’ facilities.  You may therefore find that sites that you do want to visit will not function correctly.

From experience, the process of populating your list of trusted sites can be tricky and a little laborious at first.  It can also be a little frustrating at first, until you manage to get the correct balance between satisfying the need for tight security and operational expedience.  The judgement is yours.

For further assistance in configuring the security in IE, visit the following web site, or call Alan Finch on (01224) 697457 who will be glad to provide advice and guidance.

http://www.microsoft.com/security/incident/settings.mspx
 
 

We wish to acknowledge with thanks that some of the material contained within this publication has been sourced from Computer Weekly.
 
May Day Consulting Limited and your Chamber of Commerce have endeavoured to ensure the accuracy of the information contained in this publication, but do not accept liability for any inaccuracy or omission contained within it.

May Day Consulting Limited
9 Benbecula Road, Sheddocksly, Aberdeen, Scotland  B16 6FT

Tel: 01224 697457
Mob: 07817624652

www: http://www.maydayconsulting.co.uk
www: http://www.understand-it.co.uk

email: enquiries@itsmeit.co.uk
email: alan.finch@maydayconsulting.co.uk

Directors: Alan Finch (Dip Mgt Studies); Margaret Finch
Company Registered in Scotland SC230050
VAT Registered Number 813 7511 45
Registered Office: Bon-Accord House
Riverside Drive
Aberdeen AB11 7SL

Copyright © 2007 May Day Consulting Limited
Send e-mail to webmaster@broch.com with questions or comments about this web site.