Site Security Planning

Client Security Management

To protect your site and the users who provide content for it, prevent users from downloading unsafe files over the Internet. Set and enforce browser and e-mail security for at least those users who provide content to your site. Establish a policy for maintaining a list of restricted sites, and set browser restrictions accordingly. Use a centralized browser management package to lock in browser security settings (see the sidebar, “Locking in Security Settings for Microsoft Internet Explorer and Outlook” for an example of how to do this).

Locking in Security Settings for Microsoft Internet Explorer and Outlook

Develop and implement an effective browser security policy in your organization in order to prevent browser users from downloading possibly dangerous content. For Windows:

Use Microsoft® Internet Explorer 5, or later, as the standard browser in your organization.
Establish a browser security policy that protects users against downloading unsafe active content. At a minimum, require that browsers be set on High security for the Restricted sites zone and on Medium security for the Internet zone. (From the View menu, select Internet Options, then click the Security tab. Then select from the Zones drop-down menu.)
Implement the policy, using the Microsoft® Internet Explorer Administration Kit. This policy will lock in effective security levels on all browsers in your organization.

Effective Internet Explorer security will also protect against downloading unsafe email content when using Microsoft® Outlook® 98 as a mail client, because Outlook 98 uses Internet Explorer components (including the rendering engine) to enable its Web features.