German government makes recommendations for secure Windows PCs
The German Federal Office of Information Security (BSI, BSI English) has compiled security recommendations for Windows PCs that will probably sound familiar to regular readers of The H: Anti-virus software – including free solutions –, backups, security updates, an alternative browser such as Google Chrome and "a healthy level of mistrust" are the main components of its proposal for a secure Windows PC. As the UK lacks a governmental organisation that makes such recommendations, as usually such organisations recommend policy for public projects, it is worth seeing what Germany's BSI suggests.
There are separate recommendations for private users and for small businesses and freelancers. Both sets of recommendations refer exclusively to Microsoft Windows based systems; Mac OS X and Linux are not even mentioned. Rather than advocate maximum levels of protection irrespective of cost, convenience or available functionality, the BSI's security recommendations try to outline a reasonable compromise that provides sound basic protection.
In particular, the BSI avoids supporting those in the business of spreading fear and explicitly points out reliable free solutions such as Microsoft Security Essentials, Avira, Avast, Secunia PSI and ThreatFire that have all previously featured on The H and in heise Security and our sister publication, c't magazine, in Germany. Those in the security software business won't enjoy reading statements that installing an additional firewall is no longer required, as systems are now adequately protected against attacks from the net by the firewall that is included in Windows 7.
That the BSI recommends Google Chrome as a safe alternative browser will come as a surprise to some. According to the guidelines, this browser's sandbox and auto-update feature considerably improve its security; a view that is shared by many security experts.
(djwm)