Against a macro trend/backdrop of platform and convergence, the industry is exploring places where identity security, endpoint security, and network security naturally meet. This intersection is the navigator.
The Browser: The Intersection of Identity, Endpoints, and Network Security
Because?
- If we expect identity security, it must be linked to users, their permissions, authorization and authentication.
- If we expect security for the endpoint, it must be running on the endpoint or be able to secure the endpoint itself.
- If we expect network security, it must handle most (if not all) inbound and outbound traffic.
The browser meets all these requirements. It runs on the user’s endpoint, its primary purpose is to make and receive web requests, and since it is only used by human agents, it intrinsically uses identity elements.
Secure enterprise browsing solutions can significantly improve security posture while simplifying the technology stack. Injecting security features into the most used application means that end users do not experience additional friction introduced by other security products. This is an attractive proposition, so we expect that enterprise browser adoption will likely increase significantly in the coming years.
So what does it mean? Because they can enforce security policies for users accessing web resources, secure enterprise browsing solutions can replace more complicated secure access solutions (those that require routing traffic through proxy servers or inserting more devices), such as virtual private networks, secure web gateways, virtual desktop infrastructure, browser isolation, and cloud access security agents.
What it doesn’t mean is that it can replace your EDR, firewalls or identity security solutions. On the contrary, secure business browsing solutions work best in conjunction with these. For example, solutions can inherit user attributes and identity and access management security policies, while integrations with EDR solutions can help with operating system-level controls.
The two-way magic of the browser
Users are something to be protected and protected from. By controlling both inbound and outbound traffic, multiple types of interactions can be ensured, namely:
- Protect end users from malicious web resources and phishing attacks.
- Protect companies from negligent users.
- Protect companies from malicious insiders.
- Protect companies from compromised accounts.
I don’t know of any other type of solution on the market that can offer all of the above with a single product. A secure browsing solution can fill many gaps in an organization’s security architecture, for both large and small organizations.
The market is still in the early stages, so the most responsible way to implement these solutions is as an add-on to your current security stack. As these solutions mature and prove effective in the real world, they can support a mandate to replace other security solutions that are inadequate or obsolete.
Next steps
For more information, take a look at the Key Criteria and Radar reports from GigaOm’s secure enterprise browsing solutions. These reports provide a comprehensive overview of the market, outline the criteria you will want to consider in a purchasing decision, and evaluate the performance of various suppliers based on those decision criteria.
If you are not yet a GigaOm subscriber, register here.
