Adapted from The Paralegal's Guide to the Microsoft Office System by Dorian S. Berger and Anthony T. Mann

As a paralegal, you need to conduct a significant amount of research on the Web. You conduct your research by using a Web browser, such as Microsoft Internet Explorer 6.0, but you might not understand some of the seemingly confusing technology issues surrounding the Web.

To understand these Web technology issues, it's important to understand some of the basic elements of Internet security and browser technology such as cookies, zones, and temporary files. To make sure that you conduct your Web research as safely as possible, you should consider performing some of the following actions.

Updating Internet Explorer

Microsoft continually provides enhancements and security updates to all of its products, including Internet Explorer 6.0. Some of these enhancements and upgrades are targeted to prevent attacks from hackers. However, sometimes these extra layers of security make the software harder to use from a user's point of view.

Therefore, as threats are discovered, Microsoft makes fixes, upgrades, and service packs available for its products and constantly balances ease of use with increased security levels. You or your IT department should make sure that all service packs are applied to maintain the highest level of security on your computer. A service pack is an update to a Microsoft software program; a service pack contains fixes and enhancements that you can apply to your computer without having to upgrade to or pay for a newer version of the software.

Update Internet Explorer with the latest service pack   To ensure that Internet Explorer is fully updated, you should confirm that you are using the latest version of Internet Explorer on your computer. At the time of this writing, the latest version of Internet Explorer is 6.0.2, with Service Pack 2 applied.

To determine your version of Internet Explorer

To determine what version of Internet Explorer you are using, follow these simple steps:

1. Start Internet Explorer.
2. On the Help menu, click About Internet Explorer.

   

   Note the following elements in the About Internet Explorer dialog box:
   • Version   The version should be at least 6.0.2.
   • Cipher Strength   This is the level of encryption that the browser can support. If you are going to be sending confidential information over the Internet, you must ensure that the cipher strength is 128-bit. If the strength is lower than this, it is possible that someone could decipher the encryption code and view the information.
   • Update Versions   The version should be at least Service Pack 2 (SP2) to ensure the right balance between security and functionality.
3. Click OK to close the window.

To update Internet Explorer

If you need to update Internet Explorer, click Windows Update on the Tools menu, and then to go to the Windows Update Web site, where you can download the most current updates.

Security diligence

Since the events of September 11, 2001, government officials have been telling us that security is everyone's responsibility. Although security breaches on the Internet may not seem dire, we need to take Internet security seriously.

Web site owners should allow users access to their sites by using browsers that are encrypted to protect sensitive information. Sensitive information includes:

• User names
• Passwords
• Addresses
• Phone numbers
• Credit card numbers

To help ensure that you are surfing the Web safely, check to see whether your browser is up to date. You should also confirm that a Web site uses encryption technology before you enter a Web site or view sensitive information.

Encryption   To determine whether a site uses encryption technology, you can perform two easy steps. The first step is to notice the Web address (URL) itself. If it begins with https:// (note the "s") , then the site is secure. The second step is to look at the bottom of your computer screen for a symbol that resembles a lock. Both an https Web address and a lock symbol are shown in the following figure.

Make sure not to click the Submit, Save, or OK button; otherwise, sensitive information will be transmitted without being encrypted.

What are cookies?

For purposes of this article, the term cookies are small files that are stored on your computer. Cookies contain information that is read by certain Web sites — and are not the delightful snacks you might find in your kitchen. However, similar to the baked goods, some Web cookies can be really good, and some can be really bad.

Good cookies   A cookie can be used to store user IDs, passwords, preferences, personalization, or any other information that allow you to have a pleasant and smooth Web experience. For example, suppose you visit a Web site that allows you to select your language preference. So that you don't have to set your language preference every time you visit the Web site, cookies are created that allow the language preference to be saved or stored on your computer.

Bad cookies   Okay, so cookies sound like a good thing, right? Often they are serving a constructive purpose, but they can also cause problems. A bad cookie can contain sensitive or confidential information that you are unaware of, such as your name, credit card information, and address. Cookies make it possible for sensitive information to be stored and accessed repeatedly when you visit a Web site, increasing the chances that a hacker might have access to that information.

Protecting yourself from cookies

How do you protect yourself from cookies? Internet Explorer allows you to choose whether to accept cookies from Web sites in a specific zone.

What is a zone?

A zone is a logical region or grouping of Web sites, based on where they are physically located and how well you trust the source. The following zones are available by default in Internet Explorer 6.0.2:

• Local intranet   This zone contains Web sites located on your local network. These sites do not have to communicate over the Internet to be accessed.
• Trusted sites   This zone contains Web sites that you trust not to harm your computer.
• Restricted sites   This zone contains Web sites that are known or suspected to be harmful to your computer.
• Internet   This zone contains all other Web sites that are placed in one of the other three zones.

By default, cookies are allowed for Web sites in all zones except the restricted sites zone. However, you can limit cookies for a particular zone or for specific Web sites.

To set a cookie policy for a zone or Web site

1. In Microsoft Internet Explorer, on the Tools menu, click Internet Options, and then select the Privacy tab.

   

2. Move the slider up or down to adjust the settings. For example, moving the slider up incrementally increases the security of your Internet settings so that cookies are not accepted. Moving the slider down incrementally decreases the security so that cookies are accepted. Check with your IT department if you are not sure which settings to use.
3. Click Sites to explicitly set a cookie policy for an individual Web site.

   

4. Enter the Web site address in the Address of Web site box.
5. Click Block to block all cookies for the site, or click Allow to allow all cookies for the site.
6. Click OK.
7. Click OK again.

Deleting cookies

If you are concerned about cookies that contain personal information stored on your computer, you can delete them. You need to do this only if you haven't yet set your cookie policy by using the procedure outlined in the previous section, "Protecting yourself from cookies."

If you allowed cookies for untrusted sites in the past, you might have personal information stored on your computer that you are unaware of. Therefore, you should delete your cookies.

To delete cookies in Internet Explorer

1. On the Tools menu, click Internet Options.
2. Ensure that the General tab is selected (this tab is selected by default).
3. Click Delete Cookies.
4. When you are prompted for a response, click OK.
5. Click OKagain.

Spying on you

Spyware is a term used to describe files that are maliciously placed on your computer to track which Web sites you visit. Spyware can even force your browser to open Web sites without your consent or knowledge. For example, you might type the Web address for for a specific search engine, but your browser goes to a Web site that you did not choose to visit.

If you've had this happen to you, you probably have spyware installed on your computer. Spyware is automatically installed when you visit certain Web sites. Because spyware is on your computer only for malicious reasons, you should remove it as soon as possible.

Removing spyware   To remove spyware, you need to use a program that's similar to antivirus software. An antispyware program searches your computer for files that track your actions on your computer. As new spyware tactics are discovered, updates for antispyware software are offered at no charge, which is exactly the way antivirus updates are handled.

If you are not sure which antispyware program to use, check with your IT department.

Keeping your computer secure

Because your computer's security is important, you should know how to prepare for Web research and what to keep in mind as you conduct your research by using the Web. Following several simple steps will help ensure that you conduct your research safely. By keeping Internet Explorer up to date with the latest service packs, confirming that you enter sensitive information only on encrypted Web sites, protecting yourself from bad cookies, and removing spyware, you'll be well on your way to conducting your research safely.

About the authors   Dorian S. Berger is a product manager at Microsoft Corporation. Anthony T. Mann is the president and CEO of the Mann Publishing Group, which specializes in publishing business and technology titles. This article is adapted from The Paralegal's Guide to the Microsoft Office System.