S 1.10 Standard software


Description

The term standard software refers to software that is commonly available on the market and that can generally be purchased from dealers, for example by catalogue. It is characterised by the fact that it is installed by the user and only requires minimum customisation.

This module presents an approach for handling standard software from a security perspective. The entire life cycle of standard software is considered here: drawing up of a requirements catalogue, preselection of a suitable product, testing, approval, installation, licence administration and deinstallation.

The quality management system of the developer of the standard software is not presented in this module. It is assumed that the software was developed in accordance with the usual quality standards.

The approach described serves as a guide for establishing a security process for standard software. If necessary, the approach described in this module can also be used as a basis of comparison for procedures already in use.

Threat scenario

The following typical threats to the IT-Grundschutz of "standard software" will be examined:

Force Majeure

T 1.2 Failure of the IT system

Organisational Shortcomings

T 2.1 Lack of, or insufficient, rules
T 2.2 Insufficient knowledge of rules and procedures
T 2.3 Lack of, inadequate, incompatible resources
T 2.7 Unauthorised use of rights
T 2.26 Lack of, or inadequate, test and release procedures
T 2.27 Lack of or insufficient documentation
T 2.28 Violation of copyright
T 2.29 Software testing with production data
T 2.67 Incorrect administration of site and data access rights

Human Error

T 3.2 Negligent destruction of equipment or data
T 3.3 Non-compliance with IT security measures
T 3.8 Improper use of the IT system
T 3.16 Incorrect administration of site and data access rights
T 3.17 Incorrect change of PC users

Technical Failure

T 4.7 Defective data media
T 4.22 Software vulnerabilities or errors

Deliberate Acts

T 5.2 Manipulation of information or software
T 5.9 Unauthorised use of IT systems
T 5.21 Trojan horses
T 5.23 Malicious software
T 5.43 Macro viruses

Method recommendation

To secure the information system examined, other modules will need to be implemented in addition to this module. These modules are selected based on the results of the IT-Grundschutz modelling process.

A series of safeguards must be implemented for standard software, starting in the usage planning phase, continuing through the purchasing phase, and up until it is withdrawn from operation. The steps to take and the safeguards to implement in each phase are listed below.

Planning and design

Before a particular piece of standard software is selected, a requirements catalogue should be created so that a product can be chosen on the basis of objective and comprehensible criteria, giving a certain level of confidence that the most suitable product is selected and used. When selecting relatively complex products, the persons responsible for their purchase and use should be specified in this phase.

Purchasing

When purchasing, it is possible to check which product available on the market offers the most suitable functionality based on the detailed specifications in the requirements catalogue.

Implementation

Adequately detailed tests should be performed to ensure that the selected product actually possesses the functionality specified in the documentation. If the product is to be used on a broad basis, then its installation must be integrated into the existing installation procedures, and the installation itself must be documented. The product should only be approved for widespread use after it has passed all tests successfully and after completion of all necessary preparations.

Operation

When using standard software, it is necessary to continuously monitor the versions installed as well as to determine the number of licences available and compare it to the number of product installations.

Disposal

The clean deinstallation of standard software is often an extensive and complex task that may even result in the need to install new computers in some cases.

The bundle of security safeguards for the "standard software" module is presented below. Depending on the type and complexity of the particular piece of standard software, it may be necessary to consider implementing scaled-down versions of individual safeguards. Safeguards S 2.79 through S 2.89, in that order, describe in detail how to plan the life cycle of a piece of standard software. They are supplemented by the safeguards listed below.

Planning and design

S 2.79 (A) Determining responsibilities in the area of standard software
S 2.80 (A) Drawing up a requirements catalogue for standard software
S 2.82 (B) Developing a test plan for standard software
S 2.378 (Z) System development
S 2.379 (Z) Software development by end users
S 4.34 (Z) Using encryption, checksums, or digital signatures

Purchasing

S 2.66 (Z) The importance of certification for procurement
S 2.81 (B) Preselection of a standard software product

Implementation

S 2.83 (B) Testing standard software
S 2.84 (A) Deciding on and developing the installation instructions for standard software
S 2.85 (A) Approval of standard software
S 2.86 (B) Guaranteeing the integrity of standard software
S 2.87 (A) Installation and configuration of standard software
S 2.90 (A) Checking delivery
S 4.42 (Z) Implementation of security functions in the IT application

Operation

S 2.88 (A) Licence management and version control for standard software

Disposal

S 2.89 (C) Deinstallation of standard software