This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Consumer Best Practices

From OWASP
Revision as of 20:53, 2 October 2017 by Tgbenson (talk | contribs) (Added content and cleaning up)

Jump to: navigation, search

OWASP Consumer Top Ten Safe Web Habits

Safe practices for consumers on the web

Introduction

Today, more and more of our personal lives are spent connected to the Internet. We spend a significant amount of time checking email, looking at social media, logging into our financial accounts, shopping, and more. These activities expose our private lives to the internet where potential predators are stalking. Our personal computers are often connected to the internet 24/7 via high-speed data lines, wireless connections extend the boundaries of our houses, and now our home appliances are even exposed to the Internet through web interfaces.

We use these systems because it makes life easier. Where we once had to go to a bank to make financial transactions, they can all be done from the comfort of our home. We used to program our VCRs manually to record our favorite shows. Now we can simply open an application remotely and configure our TV or DVR to automatically record programs whenever we want. The internet has provided so many more conveniences to our lives but they don’t come without risks.

These new technologies can also make life easier for the bad guys. Instead of breaking into your house, reading through your trash, or spying on you through an open window, tech-savvy bad guys can effectively invade your privacy, steal from you, and generally make your life miserable from anywhere in the world. We often think that the danger is somehow different because it is computer based and not face-to-face; however, this is simply not true. How do we protect ourselves from tech-savvy intruders? How do we protect our privacy and the privacy of our loved ones?

Guiding principles used to keep us safe in the physical world can also guide us in the computer world. We may not be aware of how computer attacks occur but we can look at “physical world” habits, which we apply without thinking because they’re habits, and see how they apply to computers.

This document will cover ten habits we can use on our computers and provide recommendations to safeguard against common attacks. Each habit will provide a recommendation for all users and some recommendations for more experienced users. While the recommendations are specific ways the habits can be exercised, the habit themselves should remain valid, even when the computing landscape changes.


H1. Protect your secrets

H2. Guard your privacy

H3. Use security software and services

H4. Secure your environment

H5. Perform routine maintenance

H6. Think twice before trusting

H7. Plan for the worst

H8. Clean up your devices and accounts

H9. Avoid unnecessary risks

H10. Be vigilant and on alert