Browser best practices

• The user logs out of the OpenPages application.
• The session expires.
• The browser instance is closed.

The following are some suggested best practices for enhancing browser security that the users should be aware of:

• Logging off from OpenPages after they finish their work, and closing the browser window to ensure that no sensitive information is stored in the browser cache.
• Blocking their computers from external use when the users are not physically present - either by keeping their computers on stand-by or by locking their accounts.
• Copying (not clicking) a link to the OpenPages application from an email and then pasting the link into the address bar of the browser window. After pasting the link, users should validate that the link they just pasted matches the link in the text of the email message.
• Configuration of an inactivity timeout - administrators should set this to a desired security level that is based on commonly known levels of inactivity for their organization. For more information, see Setting a session inactivity timeout value.
• Configuration of the Cross-site Scripting Filter setting to check all HTTP GET requests sent to the OpenPages application server.