What Makes a Web Page Secure?

Web Security Then and Now

• As the popularity of PCs grew in the 1980s, so did malicious software that could target and infect a computer, damaging it or stealing its resources.
  At first, viruses spread by diskette. In the age of the Internet, email, instant messages and the Web itself have become the most frequent source of assaults. The bad guys also try to fool you into handing over crucial personal information of your own free will--typically by masquerading as a business entity you trust, a practice known as "phishing."

Features of a Secure Web Page

• A website owner can take steps to prevent malicious agents from spying on or interfering with your transactions. An encrypted connection achieves this. The letters "https" at the beginning of the web address (as opposed to "http" with no "s") indicate that an encryption protocol called Secure Sockets Layer (SSL) is active. Your browser should also display a lock icon.
  Some websites--for example, those of banks and credit card companies--are especially concerned with protecting information you transmit. Others, such as online email sites, encrypt only your password. Gmail allows users to set https as the default for all connections to its server and is considering setting https as the default for all users.

Secure Browser

• Most standard browsers (including Internet Explorer and Mozilla Firefox) enable robust encryption and include a range of basic protections against viruses, phishing and other attacks. These measures are usually improved in each new version, so make sure to keep your browser updated.
  Check your browser's security and privacy options to determine how you might increase your protection without too great a loss of functionality. Some browsers let you supplement standard options. For example, a Mozilla-authorized "add-on" for the Firefox browser called NoScript lets you decide whether a web page may run scripts, that is, code run by Java and other popular applications that can be used to exploit vulnerabilities but without which some web pages cannot run properly.
  A bare-bones but speedy browser such as OffByOne lacks scripting capability altogether. This may be preferable when you care only about scanning news stories, not watching videos or conducting online banking.

Surf Carefully

• Steer clear of dubious websites. But no matter how carefully you surf, you need strong protection--firewall, virus scanner, malware scanner--installed on your PC itself. Google estimates that one in 10 websites may include malicious code that can infect your computer via so-called "drive-by downloads."

Click Carefully

• Avoid clicking on email attachments that you are not expecting, even if the email originates from someone you know. Don't click on links supplied in email from strangers, especially if the stranger wishes to "update your information." Somebody's phishing! Don't get caught.