Re: How to secure Internet Explorer

From: Craig_Sullivan@Waitrose.co.uk
Date: 11/20/02

  • Next message: Eric: "RE: outlook 2000 vs latest outlook express deployment" 
    To: "B F" <zaphod_b71@hotmail.com>
From: Craig_Sullivan@Waitrose.co.uk
Date: Wed, 20 Nov 2002 09:51:23 +0000

    Hmmm,

    The work I've done in the past involves completely locking down all zones
    (there are a lot of problems appearing with busting the zone model). In
    these cases, the local PC (my computer) zone uses the same settings as the
    internet zone.

    We have had to trade off security against hobbling the functionality of the
    browser though. Sooooo, whilst we enable active scripting, we do lock down
    some of the settings relating to unsigned code and activex scripts not
    marked safe.

    Ultimately you need a configuration that reflects the risk environment that
    is faced by your users, the infrastructure that supports their internet
    access and what sites they are allowed to/normally visit.

    If you use Outlook as an email client, scripting obviously poses much
    greater risks and so the environment you are trying to protect is very
    important.

    Craig.

    *********************************************************************

    Notice: This email is confidential and may contain
    copyright material of the John Lewis Partnership.
    If you are not the intended recipient, please
    notify us immediately and delete all copies of this
    message. (Please note that it is your responsibility
    to scan this message for viruses).

    *********************************************************************

    John Lewis plc Registered in England 233462
    Registered office 171 Victoria Street London SW1E 5NN
          
    Websites: http://www.johnlewis.com and http://www.waitrose.com