Brendon
Baxter

Tips to secure web browsing on work devices

Brendon Baxter

Oct 25, 2021

11 min read

Evolution of Browsers

From the old text-based interface to the current highly graphical interface, browsers have come a long way and a day doesn’t go by where we don’t use a browser, whether it is to pointlessly go through the internet for fun or having a particular goal in mind. There are a lot of browsers available today: Google’s Chrome browser, Mozilla Firefox, Microsoft Edge and Apple Safari to name a few. All these browsers serve the same purpose, which is to help us access the internet.

Give Hexnode website lockdown a try

The importance of secure web browsing is constantly on the rise as browsers are being used for a lot of things ranging from accessing social media websites to making financial transactions. A lot of sensitive information, like personal details as well as organizational details, are accessed through these browsers. Even though these browsers claim to be secure, the data accessed through browsers are very vulnerable to cyber-attacks.

Types of Cyber-attacks

Cyber-attacks or Cyber security attacks are a major threat to organizations as they can cause serious harm. Cyber-attacks come in many forms, some of them are:

Malware

Malware normally refers to a harmful software that breaks through a network by exploiting a vulnerability. A system gets affected with malware when a user clicks a dangerous link or an infected email attachment. Once in a system malware can cause all kinds of harm like restricting the control over key components of the system (Ransomware), gain access to files and documents in the hard drive and transmit to unauthorized personnel and even render the system inoperable.

Phishing

Phishing refers to the act of trying to steal sensitive information by the use of fake websites or emails that tries to pose as legitimate ones. It can not only steal information but also inject systems with malware.

Man-in-the-middle attack

As the name suggests, this refers to attacks where the attacker gets himself in between a two-way system. This happens commonly in two ways; one is when the attacker places themselves in between a user and a network while using a non-secure Wi-Fi and here all of the user’s traffic passes through the attacker, the second one is through malware and here the malware installs software capable of processing the user’s data.

Denial-of-service attack

This attack aims at making machines or networks unusable to the intended users. This is accomplished by overwhelming the target with traffic or even information that causes crashing of the target system.

SQL Injection

SQL injection occurs when an attacker associates a malicious code with SQL based servers which causes the server to give out information it normally wouldn’t and it is normally done very easily by exploiting vulnerability with the server.

Zero-day exploit

These exploits attacks networks that have announced network vulnerability but haven’t found a solution for it.

Impact of Cyber-attacks

Cyber-attacks have a huge impact on a business point of view. Consequences or impacts of cyber security breaches range from financial loss to loss of credibility. The financial loss due to a cyber-attack includes both the amount taken by the attacker and also the expense to repair the damaged systems and strengthening the system even more so as to prevent a future event from happening. Another impact is the reputational damage. Once the customers lose the trust in a company, it’s very difficult to build it back up and could cause a loss in sales, number of customers and profits. Cyber security laws make it necessary for companies to protect all of the personal data managed by the firm- both customer data as well as employee data. Failing to ensure the security of sensitive data might result in fines and also regulatory sanctions.

Cyber security is a huge priority for organizations and they find it hard to protect data because company data gets accessed from the work devices of each and every employee of the company and these devices become entry points of cyber-attacks unless they are well protected. Browsers are the most common entry point for cyber-attacks and it’s always important to ensure browser security. Then comes the question, can you achieve a completely secure web browsing? The simple answer would be a NO. However, there are a few ways you could ensure a relatively secure web browsing experience on work devices:

1. Always keep your browser updated

The first step towards a secure web browsing experience is to keep your web browser updated. This is suggested because most cyber-attacks exploit the security vulnerabilities and with each update browsers find and applies solutions to the vulnerabilities that are detected. As an added bonus, updating browsers give access to the new features that are associated with each update.

2. Use of VPN can hide your online identity

While browsing the internet, normally the Internet Service Provider or ISP provides the connection and keeps track of its users by an Internet Protocol (IP) address. The user’s entire web traffic gets channeled through the ISP’s servers and thus making everything the user does online visible to the ISP. ISPs can hand your data over to all kinds of people including the government, advertisers and even other third parties. An ISP server breach can also cause a breach of data.

By using a VPN, the user’s IP address is masked. This is done by redirecting the connection through a remote server that is handled by the VPN provider. The origin of your data becomes the VPN server. As a result, it becomes impossible for the ISP or any other parties to access your online activities. While using VPN, it should be kept in mind that the VPN provider has access to your data and so you should only use trusted VPNs. But the next big issue is configuring VPN settings in each and every work device, which can be a tiring task. Using Unified Endpoint Management solutions, configuring VPN in a multitude of devices becomes much easier.

3. DNS filtering can manage what data can be accessed on company managed networks and devices

DNS or Domain Name Service connects the domain names of websites to the IP address of the same so that users need not remember a set of numbers to access a website. A DNS is an integral part of using the internet. When a user searches for a website (domain name) in a browser, a DNS query is generated and is sent to a DNS Resolver which then matches the queried name to an IP address and sends a reply to the user’s system. A connection is established only after this connection is made.

DNS filtering works using specially configured DNS resolvers that block certain IP addresses or even domains. When a company uses DNS filtering, if a blocked website is tried to be loaded, the query gets sent from the user’s system but the reply to get the connections between the system and the domain will not be sent back to the user’s device.

4. Blocking or Restricting access to websites that aren’t work related

This is a way not only to ensure a much safer experience but also to increase productivity. By restricting non-work-related websites or allowing only work-related websites on work devices it can be made sure that the company data gets accessed only from trusted websites and attacks like phishing can be prevented. This process of filtering the websites for online security is called web content filtering.

Web Browsing from work device
Web browsing from work device
 

5. HTTPS instead of HTTP

HTTP and HTTPS are both protocols that are used to send requests from user’s system to servers and these servers send response back to the system. Requests and responses are like questions and answers. The main difference between HTTP and HTTPS is that HTTPS uses TLS to encrypt the requests and responses which is not done for HTTP. So, HTTPS is like a safer and more secure sibling of HTTP. Most sites are HTTPS enabled these days so it is always safe to use HTTPS instead of HTTP.

6. The right browser extensions can help secure web browsing to some extent

Browser extensions are like add-ons to your browser that add certain extra functions and features to your browser. Many browser extensions are readily available these days for functionalities like language translation and rejecting requests from certain websites. Some extensions are built to add more security to a browser. Extensions like ad-blocker and HTTPS everywhere can help the browser be more secure. Adblocker extensions help in blocking all kinds of ads present on web pages. HTTPS everywhere switches the browser to automatically access only HTTPS instead of HTTP. Another browser extension that could prove to be useful is tracker blockers, these help to block even the tiniest trackers on websites that are so well hidden to track users from website to website.

7. Firewall to restrict unauthorized access to private networks

Firewall is a specially designed security structure that limits unauthorized entry into private networks and keeps check of the incoming and outgoing traffic based on a specific set of rules to find out and take care of threats. The way firewall works is that it creates a barrier between any external network and the one it is supposed to guard. Firewall come in-built with devices like Mac, Windows and Linux computers and these can be switched on or off by the device user. Using UEMs like Hexnode its possible to remotely setup firewall on work devices.

8. Browser sandboxing, a relatively new way to securely browse the internet

Browser sandboxing is a security technique where a virtual space is created and every browser action done by the user takes place in this virtual space inside the user’s system. This means that once the sandbox is activated, the browser is taken to a virtual space and all the actions done will only reflect in that virtual space. Like if a file is downloaded, it is stored only in the virtual space and even if these are malicious files it does not affect the real system and will be confined to that virtual space.

9. Choosing a private and secure browser

Arguably the most widely used browser today is Google Chrome. But Google Chrome has a lot of security concerns as everything you do through Chrome is stored by Google and thus sensitive data becomes very vulnerable to cyber-attacks. There are many other browsers out there that takes up security as a major concern. Browsers like Brave browser and DuckDuckGo browser are now available that provide much more in-built security features than commonly used browsers.

Brave browser has an in-built ad tracker and script blockers, doesn’t need any extensions to upgrade HTTP to HTTPS as it is done automatically and it provides easy access to the Tor Network. DuckDuckGo browser is available on Android and iOS platforms and this browser also provides a wide variety of in-built security features.

Even though new and secure browsers are available these days most people still use the more popular ones. For work devices, it is better to mandate the use of browsers that are trusted. This means restricting access to browsers that aren’t trusted by the organization. UEMs can help to make apps mandatory and can even help to blacklist or restrict the access to unwanted browsers. Hexnode’s Browser Lockdown feature is a secure way for organizations to limit internet usage from work devices. Using Hexnode’s browser lockdown feature work devices can be locked down to a single website or a list of approved websites. This helps organizations make sure that no unwanted websites are accessed from the work devices.

Implementing any of these measures, singly or in combination, can provide a substantially higher level of security than simply browsing the internet. Still, perfectly secure web browsing can’t be achieved, so it is always better to be careful while accessing sensitive information on the internet whether it is personal data or organizational data.

Share
  •  
  •  
  •  
  •  
  •  

Brendon Baxter

Product Evangelist@Hexnode. Read. Write. Sleep. Repeat.

Share your thoughts