S 3.208 Internet PCs
Description
The use of the Internet has become a widespread and commonplace means of collecting information and communicating in the public sector and private enterprise. Other areas of growth include e-commerce and e-government applications. It is very convenient to offer the employees of an organisation Internet access directly on their workstation PCs. However, this is normally within a local network (LAN) resulting in potential additional threats for the organisation.
To avoid these problems or for other application-specific reasons, many government agencies and companies provide stand-alone "Internet PCs" An Internet PC is a computer that is connected to the Internet but that is not connected to the internal network of the organisation. If several Internet PCs are used, then these computers may also be connected to each other in a separate network so they can use a shared Internet connection, for example. Internet PCs are usually used to allow employees to use Internet services without exposing the local network to additional threats.
This module examines Internet PCs running a Windows or Linux operating system. It is possible to use standard browsers such as Internet Explorer, Firefox or Chrome, as well as e-mail clients such as Microsoft Outlook, Outlook Express, Thunderbird or KMail to use the Internet services. Depending on the operational scenario, additional programs may be installed for the use of other Internet services, for example news, instant messaging, or Internet banking.
Threat scenario
The following typical threats to the IT-Grundschutz of an Internet PC are assumed to exist:
Force Majeure
| T 1.2 | Failure of the IT system |
Organisational Shortcomings
| T 2.1 | Lack of, or insufficient, rules |
| T 2.2 | Insufficient knowledge of rules and procedures |
| T 2.21 | Inadequate organisation of the exchange of users |
Human Error
| T 3.1 | Loss of data confidentiality or integrity as a result of user error |
| T 3.3 | Non-compliance with IT security measures |
| T 3.9 | Improper IT system administration |
| T 3.38 | Errors in configuration and operation |
Technical Failure
| T 4.22 | Software vulnerabilities or errors |
Deliberate Acts
| T 5.1 | Manipulation or destruction of equipment or accessories |
| T 5.2 | Manipulation of information or software |
| T 5.21 | Trojan horses |
| T 5.23 | Malicious software |
| T 5.43 | Macro viruses |
| T 5.48 | IP spoofing |
| T 5.78 | DNS spoofing |
| T 5.87 | Web spoofing |
| T 5.88 | Abuse of active content |
| T 5.103 | Misuse of webmail |
| T 5.143 | Man-in-the-middle attack |
Method recommendation
To secure the information system examined, other modules will need to be implemented in addition to this module. These modules are selected based on the results of the IT-Grundschutz modelling process.
If a company or government agency plans to provide one or more Internet PCs, then the following steps should be taken in terms of IT security:
- Design of Internet PCs (see S 2.234 The design of Internet PCs)
It is necessary at the beginning to answer some basic questions relating to use, for example which Internet services should be used and who is responsible for the administration of the Internet PCs.
- Guidelines for the use of Internet PCs (see S 2.235 Guidelines for the use of Internet PCs)
Mandatory guidelines must be specified for the secure use of Internet PCs. This includes, for example, who is allowed to use the Internet PCs when and for what purpose, and could possibly include how the data will transported between the Internet PCs and the in-house network.
- Secure installation of Internet PCs (see S 4.151 Secure installation of Internet PCs)
Due to their connection to the Internet, the applications installed on the Internet PCs and the data stored on them are subject to additional threats. For this reason, careful selection and secure installation of the operating system and software components is especially important.
- Secure configuration of the installed components
Depending on the security requirements, the software components needed may require different configurations. This applies especially to the browser (see S 5.93 Security issues relating to the use of web browsers by Internet PCs), the e-mail client (see S 5.94 Security issues relating to the use of e-mail clients by Internet PCs), and any special e-business software used.
- Secure operation of Internet PCs (see S 4.152 Secure operation of Internet PCs)
One of the most important security safeguards when operating an Internet PCs is the prompt and systematic installation of security-related patches and updates. Along with the operating system and the protection against malware, the browser and e-mail program must also be kept up-to-date. Critical system events should also be logged to ensure that any attempted attacks or instances of improper use are detected.
- Data protection on Internet PCs (see S 6.79 Protection of data on Internet PCs)
The data backup procedure and the amount of data backed up depend on the operational scenarios of the Internet PCs.
This module provides recommendations for the design, configuration, and operation of such an Internet PC. It is important to note that the safeguards listed here are not adequate for a standard workstation PC that is normally used to operate several different applications and with which data requiring protection is processed. This safeguard bundle is only intended for the special "Internet PC" operational scenario. Suitable IT security recommendations for standard workstation PCs are described in other Layer 3 client modules.
The bundle of safeguards for the "Internet PCs" module is presented in the following.
Planning and design
| S 2.234 | (A) | The design of Internet PCs |
| S 2.235 | (A) | Guidelines for the use of Internet PCs |
| S 4.41 | (Z) | Use of a appropriate security products for IT systems |
| S 5.66 | (B) | Use of TSL/SSL |
| S 5.92 | (B) | Secure connection to the Internet of Internet PCs |
Implementation
| S 4.151 | (B) | Secure installation of Internet PCs |
| S 5.91 | (A) | Use of personal firewalls for clients |
| S 5.98 | (C) | Protection from misuse of chargeable dial-in numbers |
Operation
| S 2.313 | (A) | Secure registration with Internet services |
| S 4.3 | (A) | Use of virus protection programs |
| S 4.152 | (B) | Secure operation of Internet PCs |
| S 5.59 | (A) | Protection against DNS spoofing in authentication mechanisms |
| S 5.93 | (A) | Security issues relating to the use of web browsers by Internet PCs |
| S 5.94 | (A) | Security issues relating to the use of e-mail clients by Internet PCs |
| S 5.95 | (B) | Secure e-commerce using Internet PCs |
| S 5.96 | (A) | The secure use of webmail |
Contingency Planning
| S 6.79 | (A) | Protection of Data on Internet PCs |