10 Steps to Optimize Mozilla Firefox for Google Apps Security
0 likes1,206 views
The document outlines 10 steps to optimize the security of Mozilla Firefox when using Google Apps. It recommends disabling advanced JavaScript, customizing browser history settings, showing downloads windows, enabling security warnings, disabling password storage, setting alerts for offline data storage, automatically installing updates, enabling encryption, and using the HTTPS Everywhere and NoScript add-ons. The document was created by Backupify, a company that provides backup solutions for software-as-a-service applications including Google Apps.
10 Steps to Optimize Mozilla Firefox for Google Apps Security
- 1. TEN STEPS TO OPTIMIZE MOZILLA FIREFOX FOR GOOGLE APPS SECURITY BACKUPIFY – APRIL 2012
- 2. 10 STEPS TO OPTIMIZE MOZILLA FIREFOX FOR GOOGLE APPS SECURITY Backupify, Inc. 2 INTRODUCTION Firefox has long been considered one of, if not the, most reliable and adaptable browser available today, but that standing is easily undermined by insecure browser settings and user preferences. When running a Software-as-a-Service solution like Google Apps, lax browser security can prove fatal to a Google Apps domain, and to your business. Below are 10 steps you take to maximize Firefox's defenses against online threats and keep your Google Apps domain safe and secure. BROWSER SETTINGS Firefox's reputation as a highly customizable browser is well earned, so your Google Apps security measures should begin with the Firefox's internal settings. 1. Disable Advanced JavaScript For absolute maximum security, you should disable JavaScript altogether, as hackers can use it to execute a number of unscrupulous actions in your browser. However, JavaScript is necessary to operate the interactive features of many online applications, including portions of the Google Apps suite. The good news is Firefox can disable only the more dangerous elements of JavaScript. Under the Content Panel's Advanced JavaScript Settings, deselect the options to Move Or Resize Existing Windows, Raise Or Lower Windows, and Disable Or Replace Context Menus. This will prevent websites from opening hidden browser windows you can't easily dismiss or control. 2. Set Custom Browser History Configuration Firefox offers a Private Browsing Mode that prevents it from recording any passwords, form autofill data, accepting cookies, or saving other history data. This is prudent, as it prevents hackers from targeting your browser to obtain this access information. You can permanently opt into Private Browsing mode by selecting the Never Remember History option in the Privacy Panel, but the smarter move is to configure a Custom History Setting. Within the Privacy Panel's Custom Settings
- 3. 10 STEPS TO OPTIMIZE MOZILLA FIREFOX FOR GOOGLE APPS SECURITY Backupify, Inc. 3 For History section, deselect every option except Remember Download History. This will ensure you have a record of any items downloaded — knowingly or otherwise — but that any other history data (notably login information) won't be saved in the browser. 3. Show the Downloads Window When Downloading Files Some hyperlinks disguise malicious software downloads. Selecting the Show The Downloads Window option in the General Options panel ensures that nothing gets dropped on your hard drive without your knowledge. 4. Enable Security Warnings Firefox provides a number of defenses and security warnings by default, but you should be certain these options are enabled. Under the Security Panel, select the Warn Me When Sites Try To Install Add-Ons, which will prevent any malware disguised as video player plug-ins or game features from sneaking onto your browser. Then select Block Reported Attack Sites and Block Reported Web Forgeries, which are pretty self-explanatory. 5. Disable Password Storage Storing passwords in your browser simply makes your passwords vulnerable to browser attacks, putting your Google Apps account and domain at risk. While less convenient, you should disable the password storage option. 6. Set Alerts for Offline Website Data Storage Some websites will try to store data locally. Most of these requests are legitimate — Google Apps can occasionally make them in relation to its Offline Mode — but you should be aware when these requests are made. Under Firefox's Advanced Panel's Network tab, select the Tell Me When A Website Asks To Store Data For Offline Use option to ensure no offline data is saved without your knowledge and permission.
- 4. 10 STEPS TO OPTIMIZE MOZILLA FIREFOX FOR GOOGLE APPS SECURITY Backupify, Inc. 4 7. Automatically Install Updates Keeping Firefox up to date means you'll always have the latest security patches and defenses running on your browser. Under the Advanced Panel's Update tab, select the Automatically Install Updates option and the related Warn Me If This Will Disable Any Of My Add-Ons option. The former will keep you running the latest version of Firefox; the latter will let you know if any of your security plug-ins are incompatible with the latest Firefox update. 8. Enable Encryption While selecting the SSL version of any website is prudent, Firefox can enforce the use of the latest and most effective Secure Sockets Layer and related encryption protocols at any HTTPS web address. Under the Advanced Panel's Encryption tab, select the Use SSL 3.0 and Use TLS 1.0 options. BROWSER ADD-ONS Above and beyond Firefox's native security features, these add-ons impart some much-needed defensive measures into your browser. 9. HTTPS Everywhere Virtually every reputable website and web application offers an SSL version to accommodate encrypted web communication, including Google Apps. This keeps any data you share with the website — especially passwords — away from prying eyes. The HTTPS Everywhere Firefox Add-On defaults you to the SSL version of any website, making sure you don't accidentally opt for the less secure version. 10. NoScript Even with Firefox's advanced JavaScript settings, you're still at risk from clickjacking attacks. The NoScript add-on only allows JavaScript from trusted sites to run on your browser. If they're not on the safe list, the site's script won't run, keeping JavaScript fully at bay.
- 5. 10 STEPS TO OPTIMIZE MOZILLA FIREFOX FOR GOOGLE APPS SECURITY Backupify, Inc. 5 ABOUT BACKUPIFY Backupify is the leading provider of backup and restore solutions for SaaS applications including Google Apps, Salesforce, Facebook, Twitter, and more. Backupify was founded in 2008 and is based in Cambridge, MA. Backupify has over 200,000 users trusting us with more than 500 million documents, two billion email messages and 350 terabytes of data. WHY BACKUP CLOUD DATA? Your data is one of the most critical assets of your business. Like any important asset, it should be insured. While most SaaS providers, including Google and Salesforce, offer state-of-the-art disaster recovery capabilities that protect you from some forms of data loss, you are still at risk for data loss due to user error, hacked accounts and third-party application bugs. To fully replicate your on- premise backup capabilities in the cloud, you need the ability to perform granular restores, and to retain the control that comes from having your own secure second copy of the data in your SaaS applications. FIND OUT MORE If you're interested in the peace of mind you get from an automated Google Apps backup solution, feel free to contact us directly at info@backupify.com. Web http://www.backupify.com Phone 1.800.571.4984 Twitter http://twitter.com/backupify Backupify logo is a registered trademark or registered trademarks of Backupify, Inc. All other names may be the trademarks or registered trademarks of their respective owners. © 2012 Backupify, Inc. Item: GAT-WP-EN-200110608