The use of a web browser typically involves some data being accessed from non-trusted sources. This data can contain malicious code (viruses, Trojans, spyware, etc.) and infect the IT device unnoticed, so that secure operation is no longer possible. This can lead to the loss of availability, confidentiality and integrity of sensitive data. The use of web browsers therefore represents a risk in the first instance. These risks should be minimized by implementing and complying with this minimum standard.

This minimum standard describes security requirements for web browsers that are used on workstations or mobile devices of the federal administration. These requirements must be adhered to in order to achieve a minimum level of information security.

Update 2024: The minimum standard for web browsers has been revised and published in version 3.0. The supplementary browser comparison table and the reference table for IT baseline protection have also been updated accordingly. The current documents are now available for download. A list of the most important changes to the minimum standard compared to the previous version can be found here: Overview of changes to the minimum standard for web browsers. The older versions of the minimum standard can be found in the archive.

Download minimum standard (only available in German)

Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG für Webbrowser

Download browser comparison table (only available in German)

Abgleichstabelle von Webbrowsern mit dem Mindeststandard für Webbrowser

Download IT-Grundschutz reference table (only available in German)

IT-Grundschutz-Referenztabelle zum Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG für Webbrowser (IT-Grundschutz-Kompendium – Edition 2023)