I say that because I’m more so in IT sales than an IT professional. I’ve been hearing buzz about Enterprise Browsers and how that’s the next “big thing” in cybersecurity. I’ve been doing my own reading and frankly I’m not sold. Maybe I’m missing something that’s why I wanted to ask on here.
I get a lot of my genuine advice on how to best work with and sell to IT professionals from Reddit and I’m hoping to get honest opinions on this too!
Do you really think the hype around Enterprise Browsers is real?
Enterprise Browsers are replacing VPN licensing and other security related licensing costs.
The browser like Island and now Citrix Enterprise Browser supply a secure way to enterprise resources in the cloud and on prem. Most good enterprise browsers will offer a type of broker that allows connectivity in your on prem infrastructure. This gives you a sandbox browser of your corporate data with policy engine, DLP controls and more.
Think about that user who doesn’t quite need to be purchased a full laptop / desktop with VPN and other security licenses. Give them a link to download the browser, log in with their work credentials / SSO and now they have access to data they need from their own device.
It’s not for everyone but if you target the right audience, it has great value.
I was just pitched this exact thing on Tuesday. I get it from a security standpoint but I have no doubt that it will end up breaking a ton of things and require a lot of babysitting.
I think you’re talking about different things. “Enterprise Browser” is the buzzword for what’s basically a virtual desktop that streams a browser to you, meaning it’s literally not running on your machine. It’s been around long enough to safely say it’s not going to revolutionise security in the way it’s promoted.
Thats not what he is referring to.
For example, Palo Alto has enterprise browsers thats part of their whole Prisma package. Like others have said, it provides far superior protection thank typical web browsers. We are looking heavily into getting it
What are your thoughts on Enterprise browsers companies that are coming up like Island? I feel like I hear about them more and more but I’m not sure if its just smoke and mirror or if this is really where the industry is going.
If you’re enforcing policies, then you’re already using an enterprise browser. For example if you deployed chrome enterprise via the MSI, it comes with ADM GPO templates and Intune compatibility. Edge by default in an M365 environment is an enterprise browser by default. Just need to configure and secure it. You’re already doing it.
It’s not about just policies. It’s accessing corporate data with those same policies from any device, anywhere. Not just your own corporate network. These browsers are isolated environments and can be deployed from personal devices.
Say you have locked down corporate websites that you can only get to from a corporate device. Pretend that website is Workday and you want your user to check his paystub.
If that user was remote you would either send that user a laptop with VPN on it and tell them to go to Workday and check their paystub.
Or maybe have them go to Citrix and log into Citrix environment and get to Workday through a published desktop or published app.
Now, instead you can tell them to go to this link. Download and install “enterprise browser” and log in with their work credentials.
The identity and the browser now grant access to the Workday site and that browser polls against tenant and gets all the policies that are assigned to that user which include browser policies, DLP rules, full auditing, etc.
It can be a lower cost alternative to VPN. If you are familiar with MAM policies in Intune. It’s similar concept but all contained into the single browser.
Panw prisma access browser or used to be Talon can create a tunnel and filter traffic hard. Also blocking screenshot, copy paste sensitive data, monitor lots of things on browser. Especially nowadays app are web based more too so i think enterprise browsers are interesting
What he said - we use it and love it (Island Enterprise Browser). More access to BYOD users, DLP, VDI reduction (this was big for us), has a lot of features / controls.
I don’t think that’s what “Enterprise Browser” means. For example the Island Browser OP mentioned is not virtualized. It’s just a Chromium browser with a secure baseline, kind of like comparing it to Arch Linux for Linux distros.
I think what you’re referring to would be a “Virtualized Browser” where web sessions are virtualized (or containerized) in a sandboxed isolated environment. This used to be more common years ago when Citrix and VMware used to rule the landscape.
There is a lot of back and forth between the 2, so I don’t think you’re wrong either. I’m just throwing my thoughts on this and 2 cents.
I’m not familiar with Island, but just googled it and it’s just a Chromium browser. It looks like Island just has default security configurations to the most restrictive. So in my opinion it’s just as secure as a heavily hardened edge or chrome in an enterprise environment.
However it is interesting and may be worth looking into it building out infrastructure from scratch. I’m always a major fan when it comes to default security baseline to the most restricted. However, for someone that knows what they’re doing, Edge or Chrome in their environment probably makes more sense.
We were told this is “where the industry is going” like a decade ago and nothing ever happened. I think your information, or sales person, is just outdated.
, any app