SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
Hybrid & Remote Work

Slow adoption of enterprise browsers: A closer look at barriers

Mon, 27th May 2024
By Dakshitaa Babu, Security Researcher, SquareX

After decades of firewalls and cloud-based proxies, the cybersecurity industry is now moving towards browser-centric security solutions, as documented by recent Gartner forecasts.

"By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience." - Gartner. 

This prediction comes at a time when many seasoned and emerging players are entering the enterprise browser market. Yet, there is a lag in adoption. With all the momentum, why do forecasts suggest a 25% adoption rate over the next five years? What barriers are preventing enterprises from integrating these technologies today?

Access-Control Focused Browser Security

Enterprise browsers provide security administrators with better control over user activities and centralized management capabilities. Administrators can define and enforce detailed security policies, such as controlling access to specific websites, blocking unauthorized downloads, and preventing risky online behavior, which are essential for maintaining security standards and compliance with regulatory requirements. Additionally, these browsers enable security teams to manage browser settings from a central point, allowing for swift deployment of updates and policies across the organization.

Adoption Friction: The Core Challenges

Despite the benefits they bring, enterprise browsers face several barriers to widespread adoption. One of the primary obstacles is the complexity and resource demands involved in deploying these browsers. Integrating an enterprise browser into an organization's existing IT infrastructure often requires modifications, which can deter them from undertaking the transition.

Enterprise users are accustomed to specific workflows and interfaces, and changes to user experience can occur when switching to a new browser platform. This disruption can temporarily reduce productivity and increase resistance among staff, who may be reluctant or slow to adapt to the new system.

Enterprise browsers must integrate with a host of existing applications and systems, and any incompatibility can lead to operational disruptions, frustrating users and impeding productivity. Such challenges can make organizations hesitant to adopt a new browser, particularly if it might lead to further operational complexities or necessitate additional investment to resolve compatibility issues. Simultaneously, vendor lock-in compounds these challenges by making organizations dependent on a single provider's technology roadmap for the development of their internal applications. This dependence can restrict their flexibility and bargaining power, complicating their ability to adapt or switch providers as needs or opportunities evolve.

Vulnerabilities and Security Gaps

While enterprise browsers offer tailored security features, they often lack the comprehensive security capabilities found in more established browsers like Chrome and Edge. For instance, enterprise versions may not include the most current security blocklists or rapid updates that address new vulnerabilities. Numerous reports by security vendors highlight that Chrome consistently outperforms other browsers in responding to security threats, including zero-day and one-day vulnerabilities. Even commercial Chromium-based browsers, such as Opera, Brave and Vivaldi experienced 2 - 10 day lag time before patching zero-day and one-day vulnerabilities. An instant response is essential in keeping enterprises protected from breaches - one that only a commercial giant like Chrome has been able to keep up with so far. For enterprise browsers to gain broader acceptance, they must not only match but also exceed the security and functionality standards set by established browsers. 

Considering the limitations of Enterprise Browsers, alternative solutions such as Managed Browsers and Browser Extensions and agents are better suited to carry out browser security surveillance, threat detection and mitigation. They are capable of all the access-control features that enterprise browsers can provide with none of the adoption friction. For the most part, an employee will not feel the difference in the user interface between his personal Chrome application and a managed Chrome Enterprise. 

Companies like SquareX are at the forefront of attack-focused browser security, detecting and mitigating contemporary attacks that happen through the browser. These companies take browser security to the next stage - beyond policy management and access control. The cherry on top of the cake is the ease of deploying a browser extension quickly and quietly, with no disruption to the prevailing user experience.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Gartner report criticises SOAR systems, Acora defends approach
Cequence Security announces strategic partnership with Netskope
HackerOne launches PartnerOne to expand global cybersecurity access
Veeam launches enhanced backup solution for Microsoft 365
NetApp enhances IT infrastructure for Semyung University
Top stories
Forescout's 2024 H1 Threat Review reveals surge in cyber threats
Andre Schindler promoted to SVP at NinjaOne amid growth
Indosat launches IMSecure to bolster customer data protection
Absolute Security acquires Syxsense to boost resilience platform
Cybercriminals use legitimate software for attacks increasing