"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
8 Steps to Optimize Microsoft Internet Explorer for Google Apps Security
1. EIGHT STEPS TO OPTIMIZE
MICROSOFT INTERNET EXPLORER
FOR GOOGLE APPS SECURITY
BACKUPIFY – APRIL 2012
2. EIGHT STEPS TO OPTIMIZE MICROSOFT INTERNET EXPLORER FOR GOOGLE APPS SECURITY
Backupify, Inc. 2
INTRODUCTION
Internet Explorer is the obligatory browser in many office environments, but that
doesn't mean you're obliged to accept IE's default security settings — especially
when using a non-Microsoft Software-as-a-Service solution like Google Apps.
Below are eight steps you can take to ensure Internet Explorer doesn't interfere
with your secure use of the Google Apps productivity suite.
1. Update to the Latest Version
You could be running an out-of-date version of Internet Explorer and not even
know it. (It's unlikely, given Microsoft's rather incessant upgrade prompts, but your
corporate IT department could have disabled those features.) Step one in any IE
security assessment is to ensure you're running the latest version of the browser
with all the most up-to-date defensive features.
2. Run the IE Performance Fixit Tool
Microsoft products are known for the endless layers of customizable settings and
features — which can often lead to an over-tweaked instance of Internet Explorer
that is vulnerable, unresponsive or both. Microsoft's standard answer to over-
optimized products is a Fixit program. The IE Performance Fixit Tool isn't
exclusively a security tool — it repairs caching issues and uninstalls broken add-
ons — but its main purpose is to reset the browser to Microsoft's recommended
security settings, including turning the pop-up blocker and anti-phishing content
filter back on. If you want to secure IE, the Fixit program helps you set a good
baseline for optimization.
3. Enable Tracking Protection and ActiveX Filtering
ActiveX allows certain kinds of browser scripts to run properly in IE but, just as
with JavaScript, you need to be careful about which sites are given ActiveX
privileges. You'll want to enable ActiveX filtering, but list your Google Apps URLs
as exceptions, as they may occasionally require ActiveX to run certain features. In
the Safety menu set, you should enable Tracking Protection, which alerts you if any
3. EIGHT STEPS TO OPTIMIZE MICROSOFT INTERNET EXPLORER FOR GOOGLE APPS SECURITY
Backupify, Inc. 3
website you visit is displaying content from another site — the content equivalent
of a bait-and-switch that may be used to disguise a malware attack.
4. Block All Cookies
Cookies help websites remember who you are, both for tracking purposes and to
expedite logins — including for services like Google Apps. Should your laptop fall
into the wrong hands, you don't want saved cookies to give the attacker easy
access to your Google Apps account, too. Blocking all cookies in IE means you'll
have to log into Google Apps every time you navigate to your account, but that
minor inconvenience is a small price to pay for the added security.
5. Block Saved Usernames, Passwords and Forms
Autocomplete form data is another risky convenience in Internet Explorer, as the
browser can save not just the usernames and passwords you use to access Google
Apps (or any online account), but form data like your mailing address, phone
number or even credit card information. The browser is very insecure place to
keep this information, and not just because you don't want IE divulging that data
any time you happen upon a new online form. The browser itself is often a
hacking target precisely because this data is often stored there. Disabling these
autocomplete features protects your privacy, your Google Apps account and, for
online bankers, perhaps even your life savings.
6. Add Google Apps URLs to the Trusted Sites Security Zone
Internet Explorer splits websites into four different Security Zones: Intranet (your
local network), Trusted Sites (websites you designate as “safe”), Restricted Sites
(websites you designates as “dangerous”) and the Internet (everything not
explicitly labeled). You should add all your Google Apps URLs to the Trusted Sites
Zone to ensure IE doesn't overreact to any content or features your Google
Account offers up. This also frees you, should you so choose, to ramp up any
additional security settings on the other three Zones, as Google Apps won't suffer
any slowdowns from the increased defenses.
4. EIGHT STEPS TO OPTIMIZE MICROSOFT INTERNET EXPLORER FOR GOOGLE APPS SECURITY
Backupify, Inc. 4
7. Block Location Services and Pop-Ups
Certain websites request your location — deduced from your IP address — to
customize content for your local area. That's great if you're looking to gain an
extra three seconds when searching for a restaurant but lousy if you want to keep
your location data private. Remember, personal information is the foundation of
all social engineering attacks, so divulging as little as possible is good policy.
Modify your Privacy settings to keep you location data private, and while you're
there, make sure the Pop-Up Blocker is enabled. Pop-Ups aren't just annoying;
they can open silently (behind the current browser window) and wreak all manner
of havoc before you notice them.
8. Install Chrome Frame for IE
More an optimization than a security setting, the Chrome Frame IE Add-On
enables a number of Google Apps features that are supported only in the Chrome
browser. Drag-and-drop image and file support for Gmail and Google Docs comes
back into play, but so does the enhanced JavaScript engine designed explicitly to
keep Google Apps speedy and safe. If you can't run Chrome itself, Chrome Frame
for IE is the next best thing.
ABOUT BACKUPIFY
Backupify is the leading provider of backup and restore solutions for SaaS
applications including Google Apps, Salesforce, Facebook, Twitter, and more.
Backupify was founded in 2008 and is based in Cambridge, MA. Backupify has over
200,000 users trusting us with more than 500 million documents, two billion email
messages and 350 terabytes of data.
WHY BACKUP CLOUD DATA?
Your data is one of the most critical assets of your business. Like any important
asset, it should be insured. While most SaaS providers, including Google and
Salesforce, offer state-of-the-art disaster recovery capabilities that protect you
from some forms of data loss, you are still at risk for data loss due to user error,
hacked accounts and third-party application bugs. To fully replicate your on-