In a few short years, the enterprise workplace has been transformed.
Most corporate work used to take place inside physical offices. IT systems and security stacks were built to support this predominant model, with various workarounds for a relatively small contingent of remote workers. Businesses ran applications — mostly on-premises — with interfaces designed specifically for company-owned machines running Windows or MacOS.
Today, the majority of workers are remote. Use of the public cloud has soared. Bring-your-own-device (BYOD) and third-party contractors are common. And the everyday, consumer web browser has become the default front-end for enterprise and third-party SaaS applications.
However, many of these trends also come with security drawbacks that leave organizations more vulnerable to attacks, prompting Gartner to recommend that security leaders look beyond traditional approaches to security monitoring, detection and response to manage a wider set of risks. We must rethink more than just security. The enterprise also needs to reimagine how to secure the modern workplace without crimping user experience or hurting worker productivity.
Enter the enterprise browser
New thinking has arrived, in the form of a surprising package – enterprise browsers, or web browsers built for enterprise security and productivity.
Enterprise browsers have rapidly become one of B2B tech’s hot new categories. Along with us, there are many other companies competing in this new product category: Appaegis, Google BeyondCorp., LayerX, Red Access, Seraphic, and Talon. The most advanced business browsers include security controls, visibility and governance built-in, giving enterprises the ability ability to let workers interact with web apps and their underlying data, safely, and productively.
The best enterprise browsers are engineered to address the inherent vulnerabilities that arise when companies rely on consumer browsers for enterprise work. After all, the consumer browser was never designed as an enterprise application. As a result, organizations compensated by deploying a complex and expensive security stack: gateways, cloud access security brokers (CASBs), data loss prevention (DLP), firewalls, VPNs, and other third-party security programs that challenges security teams and workers alike.
By contrast, enterprise browsers address the questions Forrester Senior Analyst Paddy Harrington posed when contemplating the web browser as the primary tool for business apps:
- Who accesses the web app, and can I trust the user really is who they say they are?
- Can they copy the data off the web page?
- Can they download the data?
- Can they upload malicious content into the web app?
Enterprise security teams have long struggled with these questions. That’s no longer the case. Advanced enterprise browsers let security teams set deep, fine-grained policies that govern browser behavior for every app and individual user in every possible scenario.
Chromium: the engine for the enterprise browser
So, why didn’t anyone think of the enterprise browser sooner?
Some did. Technology history has been riddled with failed attempts at “secure browsers” that focused on add-ons, hypervisors, and other clunky approaches that created more problems than they solved.
Unlike previous generations, today’s best-in-class enterprise browsers take advantage of Chromium, the open-source browser project that aims to build a safer, faster, and more stable way for users to experience the web. Chrome, Edge, Opera and many other popular browsers are based on the Chromium code base.
In the years since its inception in 2008, Chromium has matured into a powerful web platform that offers:
- Speed: Chromium runs fast and efficient, making browsing smoother and more enjoyable.
- Security: The code includes core security features to ensure users are protected from threats like malware and phishing attacks.
- Compatibility: Chromium has strong support for modern web standards, so websites will generally look and behave the same across all browsers.
- Cross-platform support: There are versions available for Windows, Mac, Linux, and other operating systems.
- Customizability: Because it’s open-source, developers can create and distribute extensions, themes, and other modifications to the browser.
While Chromium serves as a great baseline for enterprise browser innovation, not every enterprise browser company takes the same approach to product development – and that’s why companies that evaluate enterprise browsers should conduct some due diligence.
Many newer entrants aren’t building their products based on Chromium. Instead, they tout tweaking consumer browsers, mainly via extensions and plug-ins, as a simpler path to enabling enterprise browser capabilities. Extension-based products are inherently limited, and can add unwelcome complexity for deployment and updates. In addition, there’s danger in putting all the eggs in the extension basket, as they are at the mercy of the browser vendors that can deprecate extension capabilities with a routine update.
Organizations can realize the real power of an enterprise browser when product development teams — in the true spirit of open-source software — contribute to and improve the Chromium source code itself, creating their own innovations based on that code.
It’s this deep engineering work that’s allowing for the most advanced enterprise browser capabilities, such as policies that offer access to only certain areas of an app depending on user roles, device posture, network connection, and other parameters.
Enterprise browsers, underpinned by Chromium’s powerful web engine, represent a more secure and simple way for organizations to deliver a high security posture, while better serving the business and individual workers. It’s a new technology category that every large enterprise should evaluate.
Bradon Rogers, head of customer success, Island