Is it worth paying for an enterprise browser? [Q&A]
Why would you pay for a browser when all of the popular ones are available for free? If you're an enterprise it could be because a paid browser can address some key problems.
We spoke to CEO and co-founder of enterprise browser specialist Island, Mike Fey, to find out more about this category and what benefits it can offer.
BN: How is an 'enterprise browser' different from an everyday browser like Chrome or Edge?
MF: The web browser is the most commonly used application by enterprises everywhere, but ironically, it was never designed to be an enterprise application. The modern consumer browser was built to serve consumers, track user data, deliver hyper-targeted ads, and accelerate content search and discovery. They are great at all of that -- and deliver an awesome user experience, too. But they lack the fundamental controls enterprises need to ensure proper security, visibility, and governance over critical apps and data.
To compensate for the lack of enterprise features, organizations have surrounded the browser with an array of tools in order to protect data and applications, increasing complexity and cost, while degrading user experience. And further complicating things for customers is that traditional architecture struggles to handle the new cloud-native, work-from-anywhere, on-any-device model.
But what if there was a browser that was built for the enterprise? If, instead of having to surround it with countless controls such as gateways, CASBs, DLP, and firewalls, the security was built right into the design of the browser? And imagine if that solution was built for the enterprise in a cloud-first world.
That is precisely the nature of the Enterprise Browser. It is an environment where work is always protected even on unmanaged devices while ensuring the users maintain a smooth and familiar Chromium-based experience.
At Island, we designed the world's first Enterprise Browser to give enterprises complete control, visibility, and governance at the point where their work happens. This approach opens up countless new possibilities for solving challenges that have often evaded security and IT organizations.
BN: Can this help to prevent data leakage?
MF: Yes. With The Enterprise Browser, security extends everywhere it's needed without getting in the way of work. This means SaaS and internal web apps no longer leak data to the endpoint, BYOD and contract workers get to work without putting data at risk or adding layers of virtualization, user credentials are now safe from phishing or inappropriate re-use, users are protected from malicious content, consumer apps are now safely permitted inside the workplace, and much more.
At its core, the Enterprise Browser thwarts hacker victories by removing anything of value from the endpoint and the network.
BN: Does it reduce the software overhead at the endpoint?
MF: Yes. Most enterprise security tools are delivered as agents that are installed on the endpoint and run continuously in the background. As you add two, three, four, or more agents to your laptop, you start to notice a performance tax. What's worse, is each of those agents needs to be updated and patched, and if the operating system gets updated before the agent is ready, you can end up in an unworkable state. Not good.
In contrast, when you build those enterprise controls into the browser, you reduce that overhead. There are no extra always-running agents in the background, and the browser takes care of patching itself, so you don't need to worry about vulnerability or new capabilities. This model reduces the load of IT administrators who are responsible for endpoint configurations and significantly improves the experience for the end-users who enjoy a snappy, high-performance, and completely familiar browsing experience.
More broadly, because the browser sits at the point of impact for all user interactions with data and applications, the Island Enterprise Browser can simplify the security stack that traditionally required a mix of gateways, CASBs, web filters, DLP, protection, and detection solutions. In short, it introduces a new architectural approach that simplifies it all while extending even into unmanaged device footprints such as contractors, BPOs, and even BYOD.
BN: How effective is an enterprise browser at preventing attacks?
MF: Very effective. With a browser built to cooperate with the enterprise, everything around it gets smarter, simpler, and easier. Files are now scanned for data loss, malware, and other security policies before being downloaded, uploaded, or viewed. User identity and device posture inform access privileges, with direct access to SaaS applications and secure connectors that allow for native private app access without a VPN.
Credentials are protected against inappropriate reuse or malicious phishing attempts. Every web request is checked for risk and category-based safe browsing rules. And all the detailed browser activity is fed directly into your SIEM or other analytics platforms, to inform your SOC or analysis teams. Because it's a browser, policies are enforced locally for unmatched performance and dramatically simplified infrastructure requirements.
But the enterprise browser isn't just about security. For decades, enterprise IT, and security teams have been tasked with mission-critical jobs -- securing the enterprise from a deluge of cybersecurity threats while simultaneously boosting employee productivity and cutting costs.
Too often they've had to do their jobs with blunt instruments -- think on/off binary browser settings or 'bolt-on' browser extensions and outdated cybersecurity architectures that throw up blockades to frustrated employees trying to get a job done (to make matters worse, these blunt instruments often create entirely new, and unanticipated, security and management issues). The Enterprise Browser is secure by design, with the dexterity to apply security policies at the appropriate time while seamlessly allowing the users to work naturally.
BN: Can it help with remote working and BYOD policies?
MF: Yes, the Enterprise Browser is the ideal choice for remote work and BYOD. First, consider what organizations are doing today for onboarding contractors or others working on their own devices. It often entails elements like VPNs, virtual desktop infrastructure, or shipping custom-configured laptops around the world. Now, imagine having contractors and BYOD workers simply download the browser and log in with their existing credentials, and being presented with only the applications and data they need to do their work for the role serve. That’s the reality made possible by the Enterprise Browser. And the implications are significant. An organization can easily and quickly deploy a strong cybersecurity posture to hundreds or even thousands of geographically dispersed users while improving business outcomes and providing users with a seamless experience.
The bottom line is this new, emerging category of enterprise browsers deliver significant benefits to IT and security teams, simplifying IT operations, lowering costs, and delivering a great experience for end users. So perhaps a better question is, who wouldn't want to pay for that?
Photo Credit: Sergej Khakimullin/Shutterstock