On completion of this tutorial, you will be able to:
- Understand different types of security risk
- Assign different security levels to websites
- Use secure online transactions
- Control access to unsuitable content
When you browse the world wide web, your PC is physically connected to the internet. There is always some possibility that someone could get access to your PC and the data stored on it. Security means controlling what gets sent to you and what information your PC sends out.
There are two main ways to get unauthorised access to your PC.
The easiest method is to hide a virus program inside a file. When you download the file (or open it from an email attachment) and run it, the virus will infect your PC. Viruses can usually only be stored in applications (.EXE files). However, macro viruses can also be stored in Microsoft Office documents (.DOC, .XLS and .PPT files). Both types of virus can disrupt or damage your system, or seek out personal and confidential information on your PC or network and send it back to the virus designer (often called a hacker).
The best way to counter this threat is never to download and run programs (or other types of file) from websites you do not have 100% confidence in, and never to open email file attachments from unknown sources.
It is also possible to use active web content to get access to your PC. Web page technologies such as ActiveX and Java are normally used to provide interactive content on web pages, but can be misused. You can configure Internet Explorer so that there is no danger to your PC (or PC network) from this content.
Protecting your PC against malicious use of web content means deactivating the use of such content on web pages you browse, or at least warning you that some level of threat is present. However, this means that some websites may not display correctly when you visit them.
Internet Explorer has a system of zones, for which you can set different security levels. You can then enable the use of active web content and file downloading on trusted sites, so that you can browse them without interruption. The four security zones are as follows:
By default, all pages on the internet appear in the Internet zone. You have to add sites to the Trusted and Restricted zones. The Status bar displays the icon for the zone you are currently browsing.
The following types of web page content could put your PC or data at risk while browsing the internet or as a result of downloading files. If you click the Custom Level button for each zone, you can set options for each type of content.
To add websites to a zone
- From the Tools menu, select Internet Options... then click the Security tab
The Security dialogue box is displayed.
- Select the zone to which you want to add websites
- Click the Sites... button
- In the Add this Web site box, type the URL of the website then click Add
- Add other websites as necessary then click OK
- Optionally, click the Custom Level... button to refine security settings for the zone
Note: If you are browsing from a company network, seek the permission of your IT systems administrator before changing security settings.
- Add sites to other zones if you wish
- Click OK to close the Internet Options dialogue box