Secure your browser
There is no one perfect set of browser settings that will work for all internet users. For example, if a website only works if Adobe Flash is installed, you must decide whether to avoid the website to stay secure or to visit it and accept the risks. In April 2017, as part of its work to safeguard information security in the German federal administration, the Federal Office for Information Security (BSI) published a standard for the safe use of web browsers.
By implementing and complying with the requirements set out in this document, users can achieve the minimum basic security level recommended by the BSI. For ease of reference, the BSI has published a guidance document and comparison table that summarises the implementation status of the various security requirements for all common browsers used in the German federal administration.
The table allows internet users to see at a glance which browsers offer which security functions. The requirements include security standards for the available TLS protocols and certificates and for managing cookies. In addition, options for deploying sandboxing mechanisms and encapsulation are also listed.
General recommendations:
- Where possible, use a browser with sandbox technology and a steady stream of security updates.
- Avoid the use of active content if you do not need it; this is particularly important for technologies such as Java, which are delivered via additional plug-ins and are not directly supported by the browser.
- If you do have to use active content, deactivate it while you are surfing and only activate it when you are accessing a trusted website.
- Activate the anti-phishing and anti-malware features integrated into all of the most widely used browsers.
Security settings for the most common browsers
Guidance and instructions relating to the security settings for the most common browsers can be found on the relevant help pages:
Firefox:
- Security settings: https://support.mozilla.org/de/products/firefox/privacy-and-security
Recommendation: Use the standard settings defined by Firefox. Deactivate the option 'Save passwords'. If you do want to save passwords in your browser, always use a master password (follow the guidelines for creating a secure password).
Internet Explorer:
- Security settings: https://support.microsoft.com/de-de/help/17479/windows-internet-explorer-11-change-security-privacy-settings
Recommendation: Block ActiveX control elements. Use the latest version of Internet Explorer that is compatible with your Windows version.
Chrome:
- Security settings: https://google.com/intl/de_ALL/chrome/security/
- Block active content in Google Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&answer=142064
Recommendation: Under 'Block plugins' select 'Click-to-Play'.
Opera:
- Security settings: https://help.opera.com/
- Guide to security and privacy in Opera: https://de.opera.com/browser/tutorials/security/
Safari:
The User Guide on the Apple website provides additional information on browser security settings.