Use environment
To use SDS Enterprise under the conditions of the Common Criteria evaluation and of the French qualification at standard level, it is essential to observe the following guidelines.
- Regularly check the security alerts published on https://advisories.stormshield.eu/.
- Always apply a software update if it contains a security fix. These updates are available in your MyStormshield customer area.
- RSA keys of users and certification authorities must be a minimum size of 4096 bits, with a public exponent strictly greater than 65536.
- Certificates and CRLs must be signed with the SHA-256 or higher digest algorithm.
- If the keys are provided by a public key infrastructure (PKI), their generation and distribution must conform to best practices. See the ANSSI guidelines ANSSI-PA-079.
SDS Enterprise supports the AES 256 encryption algorithm and the SHA-256 or higher signature algorithm.
For use beyond the year 2030, the minimum size of an RSA key is 3072 bits.
- The user accounts must be protected by the AES 256 encryption algorithm and SHA-256 cryptographic hash standard.
- Passwords must be subject to a security policy that prevents weak passwords and limits the number of failures before the account is blocked.
In Smart Card mode, the policy must follow the manufacturer's recommendations.
- Appropriate organizational measures must ensure the authenticity of the policies from which the user accounts are created.
- When a hardware key ring (smart card or hardware token) is used, this device protects the confidentiality and integrity of the keys and certificates it contains. Its PKCS#11 interface, installed by the system administrator, provides secure access to the user's keys and certificates.
- The workstation on which SDS Enterprise is installed must be healthy. An information system security policy must exist and its requirements must be met on the workstations. This policy must ensure that installed software is regularly updated and that the system is protected against viruses, spyware and other malware (properly configured firewall, up-to-date antivirus, etc.).
- The security policy should also ensure that workstations not equipped with SDS Enterprise do not have access to confidential files shared on a server, so that a user cannot cause a denial of service by inadvertently or maliciously altering or removing files protected by the product.
- Access to the administrative functions of the workstation's operating system is restricted to system administrators.
- The operating system must manage the event logs generated by the product in accordance with the company's security policy. For example, it must restrict read access to these logs to explicitly authorized persons.
- The user must ensure that a potential attacker cannot see or access the workstation while the SDS Enterprise session is open.
- The security administrator is considered trusted. He/she defines the state-of-the-art SDS Enterprise security policy, possibly via the Stormshield Data Management Center application.
Whenever this policy is modified, the security administrator signs it again before releasing it.
He/she also defines the administration tool used, the smart card model deployed, the public key infrastructure implemented and any other tools required for secure use of the solution.
- The system administrator is also considered trusted. He/she is responsible for the installation and maintenance of the application and of the workstation (operating system, protection software, PKCS#11 interface library for the smart card, desktop and engineering software). He/she applies the security policy defined by the security administrator.
- The user is a non-hostile person, trained in the use of the product. They must comply with the security policy in force in their organization, and in particular not share their credentials.
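To make the key and certificate requirements above checkable, here is an added example that is not part of the Stormshield documentation or product: a standard-library-only Python checker that parses a PKCS#1 RSAPublicKey in DER form and verifies modulus size, public exponent and signature digest against the guideline values (4096-bit minimum, exponent strictly greater than 65536, SHA-256 or stronger). The `build_rsa_public_key` encoder and the placeholder moduli are constructed for the demonstration only; in practice the DER and the signature algorithm come from the user's certificate.

```python
MIN_RSA_BITS = 4096           # minimum RSA modulus size from the guidelines
MIN_PUBLIC_EXPONENT = 65536   # public exponent must be strictly greater than this
ALLOWED_DIGESTS = {"sha256", "sha384", "sha512"}  # "SHA-256 or higher"

def _read_tlv(buf, pos):
    """Decode one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_public_key(der):
    """Parse a PKCS#1 RSAPublicKey: SEQUENCE { INTEGER n, INTEGER e }."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag_n, n_bytes, pos = _read_tlv(body, 0)
    tag_e, e_bytes, _ = _read_tlv(body, pos)
    if tag_n != 0x02 or tag_e != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")

def check_policy(der, signature_digest):
    """Return the list of guideline violations; an empty list means compliant."""
    n, e = parse_rsa_public_key(der)
    problems = []
    if n.bit_length() < MIN_RSA_BITS:
        problems.append(f"modulus is {n.bit_length()} bits, minimum is {MIN_RSA_BITS}")
    if e <= MIN_PUBLIC_EXPONENT:
        problems.append(f"public exponent {e} is not greater than {MIN_PUBLIC_EXPONENT}")
    if signature_digest.lower().replace("-", "") not in ALLOWED_DIGESTS:
        problems.append(f"signature digest {signature_digest} is weaker than SHA-256")
    return problems

def _der(tag, content):
    """Minimal DER TLV encoder, used only to build the constructed sample keys."""
    if len(content) < 0x80:
        return bytes([tag, len(content)]) + content
    length_bytes = len(content).to_bytes((len(content).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length_bytes)]) + length_bytes + content

def build_rsa_public_key(n, e):
    """Encode (n, e) as a PKCS#1 RSAPublicKey (constructed sample only)."""
    def der_int(v):  # +8 leaves room for the leading 0x00 a positive INTEGER needs
        return _der(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big"))
    return _der(0x30, der_int(n) + der_int(e))
```

A key such as `build_rsa_public_key((1 << 4095) | 1, 65537)` checked with `"SHA-256"` yields no violations, while a 2048-bit modulus with exponent 3 and SHA-1 yields three.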
The security policy used in the SDS Enterprise Common Criteria assessment, known as the "Diffusion Restreinte Policy", is as follows:
| Setting | Value |
|---|---|
| Account type | |
| Allowed account type | Smart card only |
| Password account creation | Disabled |
| Smart Card account creation | Manual and automatic creation allowed |
| Account management | Accounts with two keys (encryption key and signature key) |
| Encryption algorithm | AES-256 |
| Signature algorithm | SHA-512 |
| Stormshield Data File settings | |
| SmartFILE file creation | Disabled |
| Self-decrypting file creation | Disabled |
| File encryption for a recipient | Enabled |
| File decryption | Enabled |
| Network file encryption/decryption | Enabled |
| Folder encryption/decryption | Disabled |
| Encryption format | .sdsx |
| Encryption and decryption list | None |
| Directories | |
| Trusted directory automatic update | Disabled |
| Certificate revocation | |
| Certificate revocation check | Enabled |
| Others | |
| Stormshield Data Connector | Do not install |
| Stormshield Data Share | Not part of the default installation. Do not install. |