The BSI has the minimum standard for Web browser revised for administration and published in version 3.0. Companies can also use this as a guide. Also the supplementary browser comparison table and the reference table for IT-Basic protection has been updated accordingly.
Web browsers serve as central software for navigating the Internet. They also process data from untrustworthy sources that contain malicious code. Computers, cell phones and tablets can become infected unnoticed.
At the same time, the functions and interfaces of web browsers are constantly increasing. This means they also offer an increasing target for cybercriminals. The dynamic development of software products, the increasing mobile use and the central role of web browsers therefore make it necessary to take current security requirements into account. The Federal Office for Information Security (BSI) has published the new version 3.0 of the minimum standard for web browsers.
Federal standard for companies as a guideline
The scope of application has been significantly expanded compared to the previous version: For the first time, the new version also applies to web browsers on mobile platforms (“mobile browsers”) of the Federal Administration. The minimum standard contains relevant information and additions that take into account the technical characteristics of mobile operating systems. The requirements are applicable to both workstation computers and mobile platforms.
Advertising
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a month
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our
Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.
CleverReach
This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at:
https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time.
You may object to the storage if your interests outweigh our legitimate interest.
For more information, see the privacy policy of CleverReach at:
https://www.cleverreach.com/de/datenschutz/.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Along with the minimum standard, the BSI has also updated the associated browser comparison table. This serves as a working aid for users in the federal administration. It describes how the minimum standard requirements can be implemented for the web browsers most commonly used there. In principle, any web browser that can meet the minimum standard can be used.
The minimum standard for secure web browsers, first published in 2017 in accordance with Section 8 Paragraph 1 BSIG, is primarily aimed at IT managers, IT operations staff and information security officers of the federal administration. But it can also serve as a guide for states, municipalities and the economy. More The BSI has separately published minimum standards, for example for the use of external cloud services or mobile device management.
More at BSI.Bund.de
About the Federal Office for Information Security (BSI)
The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.
Matching articles on the topic
