Securing Internet Explorer’s (IE) Zones can go a long way toward protecting your non-technical family and friends from malicious web sites.
Many non-technical users in your life probably use IE for most of their computer activities. From checking email to editing photos, these cloud computing applications make the web browser the most prominently used tool on most computers. With firewalls in operating systems and abundance of inexpensive hardware routers, many attackers are turning towards browser infection techniques by luring unsuspecting users to web sites that compromise the computer. Therefore one of the most basic things you can help non-technical family and friends with is locking down their browser. There are entire treatises written on how to secure IE, but the most basic approach involves locking down IE’s Zones settings from its default promiscuous settings to a more secure white list approach. This simple technique disables most of the common exploit vectors, such as ActiveX and scripting.
Setup Internet Explorer Zones Security
- From most versions of IE double-click the zone area in the bottom-right of the browser (typically it shows Internet.) to open up the Internet Security Properties window.
- Set the Trusted zone to Medium by selecting each zone, moving the slider to Medium, and pressing Apply.
- Set the Intranet zone to Medium using the same steps as above.
- Next set all other zones (i.e., Internet and Restricted Sites) to High using the same steps as above.
- Click OK to close the window.
Add Proven Sites to Trusted Sites List
- Open up the Internet Security Properties window by double-click the zone area.
- Select Trusted Sites and press the Sites button.
- In most cases you’ll have to clear the “Require server verification…” checkbox.
- Enter the site’s domain name (e.g., domain.com) and press the Add button.
- Select Close to dismiss the Trust Sites window and press OK to close the Internet Security Properties window.
This setup isn’t as user-friendly at first, but it’s a lot safer. After adding many of their commonly used sites, it hopefully won’t be as annoying for your family and friends.