Security Best Practices for Browsing

It seems like every day now there is new news about a breach of security at a company or a new breed of virus that is sweeping across the internet. While there is no magic shield we can put up to protect us from the bad guys, there are some best practices we can follow as internet users both at home and at work to keep ourselves as safe as possible.

Antivirus

It probably seems silly to say this in 2015, but, PC or Mac you need to be running antivirus software. This software typically scans and prevents established threats and may be effective against new threats that behave in similar ways to old ones.

Best Apple Antivirus:

Sophos-Anti-Virus-for-Mac-Home-Edition

Sophos Antivirus for the Mac – Free Home Edition
Lightweight, effective, free

Best PC Antivirus For Home Users

Print

Webroot Secure Anywhere Antivirus

Webroot has made amazing progress on over the last few years and has gone from a fringe player to offering the best possible protection for home users. This year it has dethroned BitDefender as my product of choice. As of today a 1 year subscription is only $37.99. I recommend subscribing for only 1 year. The choice for best product can easily change in 12 to 18 months.

Best PC Antivirus For Business Users

Print

Webroot Business User Protection

This product can be rolled out to all users easily and is administered from a cloud based interface where you (or your IT staff) can get a quick, real-time snapshot of the threats that have been blocked and the anti-virus status of your computers as well as allowing company wide policy changes to be made in seconds. The product can be configured to run in complete silience, sending all notification and actions to the cloud control panel and never bothering your users, or allowing them to disable or modify the software. A mid-year upgrade is not wasted, as this product can run along side other antivirus and give you added protection until your current AV subscription expires. Subscriptions start at $25/year for 5 workstations with additional volume discounts.

Web Browser

mozilla_firefox_logo

As a dyed in the wool Chrome fanatic for many years, it brings a tear to my eye to say that I have personally switched to Firefox and I recommend that home users as well as businesses that allow users to control their own settings do so as well.  Firefox has changed their slogan to “When it’s personal, Choose Firefox” and have made privacy and security central to their market position and branding. Google has continued to produce a more bloated and vulnerable application with each iteration. Loving technology means loving change.

Businesses that control user’s browsing through IT restrictions should stick with Internet Explorer with content blocking and flash disabled.

Browser Add-Ons:

Security does not stop at choosing the right browser, there are many add-ons for Firefox that can further enhance security, these are the best…

LastPass:

LastPass_Logo_Wide

LastPass Lets you create a secure vault for all your passwords and will automatically log you into sites across your devices. You create a master password, it needs to be strong, and you MUST keep a copy somewhere safe. If you loose it, not even LastPass can get it back. But you only have to ever remember one password. When you create new accounts LastPass helps you create strong passwords and then stores them in your encrypted vault. For bonus points, go back and change all your old passwords too!

Businesses can get the enterprise edition that allows you to manage your business passwords for accounts across the web, then give a Last Pass user account to an employee. They can log into the sites for the business but never see the actual passwords. If they leave, you can simply disable their LastPass account and they no longer have access to your company accounts and never knew the password to begin with.

The Ad Blocker:

UBlock_Origin.svg

uBlock Origin has eclipsed AdBlock plus as my blocker of choice. If you’ve never used an ad-blocker, it filters out annoying ads that appear in pages all over the web. Unlike AdBlock Plus, they don’t allow advertisers who pay them to show you ads. It is also quite lightweight and fast.

The Track Blocker

disconnect

Disconnect is a great piece of software that blocks tracking and hacking attempts and prevents unwanted and possibly infected content from entering your browser. As a bonus, it highly reduces bandwith in doing so and can speed up your connections and page loads considerably.

The Script Smacker

noscript-10years-small

The last plug-in on our list comes with a small warning: IT WILL ANNOY YOU FROM TIME TO TIME. However, it will protect you from literally 90% of all known and unknown attacks online. Many attacks these days come from emails or other communications that contain a link that when you open it, takes you to a website that has a malicious script of some sort. This is how attacks such as CryptoWall work. It is our reliance on convenience that often leaves us vulnerable.

NoScript is an add-on that changes the default behavior of Firefox to block ALL scripts. You need to specifically click the icon and then allow a site to run scripts on your computer. The idea is only to allow content from sites you trust. It will even allow you to block scripts coming from suspicious locations on pages you trust. Most of the time you can get all the info you need to decide that email was a scam without allowing a script to load. Once you have set up the tool to allow sites you trust, you’ll hardly even notice it. Until you click on that bad link and see a suspicions page with blocked content, you’ll be happy you had it.