An Internet-connected computer is a powerful tool.  Like all tools, it can be used for good or bad.  Whether you are managing a workplace or a home, it is vital that we establish safe boundaries for how our computers can be used.  This guide is intended for the parent or small-business owner who desires to establish these boundaries.  Larger businesses likely use Windows domain-based controls to enforce policy on their computers, but for the home or small business, we’ll assume that those tools are not available.

There are many options for securing your computer: some are free, and some cost money; some provide cursory protection, and some lock things down to a much tighter extent.  The tighter we lock things down, the more likely that we will inadvertently block some useful content or functionality.  Unfortunately there are always trade-offs to each choice.  The guide below takes a no-cost approach that offers an effective but fairly light-weight solution that should not block any useful content.  You may choose to add more protection on top of this if the situation requires it.

Lastly, it would be naive to assume that any form of protection is 100% effective, short of unplugging from the Internet.  A person who is both very determined and computer-proficient can find a hole in virtually any protection scheme.  This guide does not offer an impenetrable barrier — there is no such thing. Given that, establishing the boundaries of acceptable computer use is always the very first step.  The goal is to establish both an expectation and a trust between the user and the computer owner, right from the start.

1. Establish control of the user account and password
   If the user account is not secured, any protections that we put in place can simply be removed or bypassed by the employee or family member.  The user account must either be a non-administrator account, or an administrator account that requires a password when any administrative action is taken.  This setting will require a password when installing a new program or changing Internet settings, for example.  Any fundamental changes in the operation of the computer will need to be approved by you, the keeper of the password.
2. Change your domain name server
   A domain name translates a human-friendly website address, like “haydentech.com”, to the underlying numeric Internet address that serves its content (216.92.152.148, in this case).  What if our domain name server simply refused to give out the address to inappropriate sites?  The web browser would be unable to find that content.  There are several free DNS services that do exactly that.Changing the DNS server on the computer affects that one computer.  If you have the ability to change the DNS server on your Internet router, you have the added ability to affect all connected computers and phones.
3. Install browser extensions
   Search engines, such as google.com, are useful tools that we almost certainly don’t want to block at the DNS level.  But they can still return inappropriate content, even accidentally!  To minimize the chance for this, we need to install a browser extension to force the “Safe Search” setting to always be on the safest setting, regardless of what setting the browser user has selected.
4. Uninstall any browsers not protected by extensions
   Let’s say you use Firefox as your browser of choice, as I do.  You installed the extensions in Firefox during the previous step, and now it has some content protection.  However, other browsers on the system aren’t protected, and we need to uninstall them so they can’t be used in lieu of your protected browsers.