Blog Post

Web Browser Lockdown

Jordan

I’m part of the generation, at least in this part of the world, who got to watch the internet grow up as I did.  I don’t remember my dad buying our first computer, but I definitely remember having one before the internet was something normal people had access to. I remember the days of being able to access a free dial up email account that came with a few megabits of free data each month. Fast forward to today, almost everyone I know has WiFi and most of my friends carry a phone with nearly unlimited high-speed internet access. In fact, many of the things I do in my job on a daily basis are simply not possible without the internet.

While I love having easy access to the internet, having so much of our lives on the internet has created a whole new set of challenges. The two primary issues that come to mind are security and privacy. Each of which are big enough topics that many articles and even books have been written about them. For this article I will try to focus more on the security side of things though it is very important to think about the privacy implications of your choices and the ‘features’ you opt into as you go along, and whether the benefits are worth the risk imposed by the invasion of your privacy, and in this regard what’s good or bad become much more subjective.  On the other hand when I refer to internet security I’m talking about things to do to help you keep from getting hacked or infected with a virus, which I think we can all universally agree would be a bad thing.

So what can you do to protect yourself? Well if you’re a regular reader you may recognize many of these since keeping safe from bad things that come from the internet is what many of our articles boil down to.  There is a scale of how much trouble you are willing to go through.

So on a scale of 1-5, where 1 is pretty easy and offers the least protection to 5 being completely virus proof here are our recommendations

  1. Don’t use the built in web browser – The built in web browsers tend to be the slowest to get fixed when a problem is found, and also tend to have the most attention trying to break them so for the simplest fix we recommend: Google Chrome , or Firefox.
  2. If you’re ready to take it up a notch without going to crazy the next recommendation we would have is to install the Disconnect.me add on for your browser which blocks many third party connections when you’re browsing the web or you could even level up to the Aviator browser , built off of Google chrome but with all the nobs, dials and switches set by default for maximum security and disconnect.me installed by default.
  3. If you want still better privacy and security here is a list of our favorite add-ons for browsers. We think the value of having these installed is well worth the added security, but be warned using these plug-ins will require maintenance and some tweaking to get some webpages to load right. For Aviator and Chrome the best javascript blocker I’ve found is called ScriptSafe but is listed in the chrome web store as ScriptNo. For Firefox we use a plug-in called NoScript. These plug-ins will block all Javascript code in the web pages from running by default, but will allow you to selectively enable domains as needed to get the page to load. I also really like the Ghostery plug in, available on both Chrome based browsers and Firefox. Ghostery is more of a privacy tool, providing very granular site by site control over whether your browser loads content provided by tracking companies, and/or accepts third party cookies. All of these recommended browsers also support several Password managers including Lastpass so make sure to get yourself a good password manager as well.
  4. Now we’re going really hard core, almost off the deep end in fact. So you’ve configured your primary browser with all the best plug-ins but still you want more. Well I think the best I can do for you is to give you some pointers and let you go exploring yourself. For added security you get get this cool program called a Hypervisor which will allow you to run other computers (call virtual machines) on your computer as if each computer was its own applications. The two most commonly used are VirtualBox (free for personal or commercial use) and VMware Player (free for personal use only).  You can then install operating systems like Ubuntu , PCbsd , Tails , Whonix or other free operating systems each with their own securely configured browsers and segment your browsing habits into different security zones and use a different browser in a different virtual machine for each type of browsing. Another hyper secure distribution of Linux that is worth mentioning although it doesn’t work in VirtualBox due to the fact it requires having its own Virtual machines running inside of it is Qubes OS.
  5. I know there are some of you out there who got to the end of #4 and said to yourself “Is that it? Is that really all I can do to protect myself and my family?” Well for the real security conscious there is Level 5! Its a little long and complicated so rather then putting all that here Please see the Onions article titled “ After Checking Your Bank Account, Remember To Log Out, Close The Web Browser, And Throw Your Computer Into The Ocean ” While this article is geared toward banking it is equally applicable to any account that may require a username and password to access.

That’s it now all you have to do is pick your level of security and begin to implement the above prescription. If anyone would be interested in a walk through on how to set up your your browser at Level 3 or on using Virtual Machines like Level 4, please let me know in the coments. Have a great week and as always stay safe out there.

fish hook

Catching the Big Phish

By Eberly Systems 20 Sep, 2024
We're all in the same boat trying to avoid cybercrime! Here's our top ways to identify a potential phishing attempt.

Key Notes from the Security Team: Q3 2024

By Eberly Systems 10 Sep, 2024
Focus on integrating with new team members and new customers

Key Notes from the Security Team: Q2 2024

By Eberly Systems 09 Jul, 2024
Keeping you abreast of security news

Eberly Systems Acquires Lebanon County LYLAB Technology Solutions

By Eberly Systems 02 May, 2024
West Lawn, PA, May 2, 2024 — Eberly Systems , the West Lawn-based managed IT services and managed voice provider, today announces its acquisition of the Lebanon-based LYLAB Technology Solutions. Eberly Systems seeks to further a movement of people who are motivated and equipped to make a difference in their world through their daily work. They believe in building lasting partnerships based on trust and transparency while delivering industry-leading solutions to support and protect critical business assets. Driven by the principles of people, excellence, integrity, and stewardship, the team prides itself on partnering with companies to securely, reliably, and efficiently grow their businesses. “We cannot be more excited to join forces with the LYLAB team,” comments Kordel Eberly, Eberly Systems President & Founder. “ The integration of LYLAB Technology Solutions into Eberly Systems solidifies our commitment to providing small businesses with unparalleled service and support. We’re proud of this new opportunity to carefully design and manage the IT infrastructure and systems of even more local businesses and communities.” The acquisition solidifies the Eberly Systems commitment to supporting businesses in Lebanon County. Merging the two teams together as one entity offers the collective team the benefit of enhancing capabilities, refining processes, and extending reach to better serve the evolving needs of small businesses in the surrounding area. Future plans include expanding their presence into Lancaster County.
computer help with IT support

Navigating Small Business Success: The Power of IT Outsourcing for SMBs

By Eberly Systems 16 Jan, 2024
A trusted MSP can be your invaluable strategic partner.

Enhancing Business Security and Productivity with Microsoft Office 365

By Eberly Systems 02 Jan, 2024
These 5 key features of Office 365 Business Premium make it essential for businesses to have.
set of keys

Key Notes from the Security Team: Q4 2023

By Eberly Systems 19 Dec, 2023
Eberly Systems has been hard at work over the last year in a concerted effort to enhance the security posture of our clients’ information technology environments. Here are the quarterly updates.
construction site

Customer Success Story: Construction

By Eberly Systems 03 Jul, 2023
After years of steady growth, the workforce at a construction development and property management company was becoming increasingly frustrated by disorganized data. Eberly Systems deployed a hybrid cloud storage solution for efficiency and secure data access.

SharePoint File Storage & Sharing Best Practices 

By Nate M. 01 Jun, 2023
SharePoint file storage has both features and limitations that you should be aware of while storing and accessing files. Here's a rundown.

Best Practices for Creating Passwords in 2023

By Nate M. 05 Jan, 2023
These are the Eberly Systems recommendations for creating good passwords in 2023.
More Posts
Share by: