Germany’s Federal Office for Information Security (BSI) has published the minimum requirements for web browsers to be used on workstations of the federal government, in order to achieve a minimum level of information security.
The documents, made available by the BSI on 13 April are aimed at IT managers, IT security officers and IT specialists working for the federal administration.
“Web browsers are now standard equipment for workstations”, BSI writes. “Due to their versatility, web browsers often equal the power of PC operating systems. Their widespread use, their complexity and the associated potential for vulnerabilities, make browsers a popular target for cyber attackers.”
When using a web browser, data is loaded from untrustworthy sources, BSI adds in a follow-up document. This data may contain malicious code, such as viruses, trojans and spyware, that can infect a workstation without the user noticing. “This may result in loss of availability, confidentiality, and integrity of protected data.”
The BSI documentation lists minimum required protocols and standards. The security experts also compare four commonly-used web browsers. Only one of these (Microsoft Edge) has a serious issue, prompting the BSI to recommend that it not be used.