Sign up now to get your free virtual ticket to the Code-Less/No-Code Summit on November 9. Hear from executives from Service Now, Credit Karma, Stitch Fix , Appian, etc looking for more information.
If you haven’t heard of the enterprise browser category by now, you might want to check your circuit. Newcomers to network security space is nearby catch fire in the media and with investors, reinforcing their concept of a “secure business browser” (SEB) on the CISO radars with a view to reinforcing what remains in the perimeters security of their organization.
Earlier this year, Island, author of Enterprise Browserbecame one of the fastest companies ever to achieve Unicorn status after securing $115 million in venture capital just weeks after emerging from stealth (at a valuation of $1.3 billion). Meanwhile, Talon Cyber SecurityThe creator of the TalonWork browser, announced the closure 100 million dollars series A just early last month (they don’t reveal their value). Both are significant sums of money, especially for two young startups operating in an entirely new niche. At the same time, these attention-grabbing investments are not entirely surprising, given the scope and severity of the challenges facing CISOs in the new world of hybrid work.
Combined, browsing work provides fertile soil for SEBs
The the increase of combined workcombined with the increase of enterprise SaaS application, has fundamentally reshaped both the way we work and the IT architecture that enables it. Under this new model, web browsing has become the primary point of access through which the average employee performs nearly all of their day-to-day responsibilities – from checking email, making spreadsheets to sharing files and manage the development process.
While this growing “browsing” trend has certainly benefited workplace productivity, it has also left enterprise security teams scrambling to bolster their defenses between a bunch of unreliable, unmanageable web connections. According to one recent report from Menlo Security, nearly two-thirds of organizations have had devices compromised by a browser-based attack in the last 12 months alone. And there’s no sign that this trend will slow down anytime soon.
In March of this year, Google published a blog post confirms a significant increase in high-severity threats affecting Chrome and other Chromium-based browsers (i.e. Microsoft Edge, Brave) and warns that this trend is likely to continue in near future. While they point to a number of contributing factors to the recent increase in Chromium-based mining practices – including an increase in vendor transparency – they also point to the fact that Browsers (and Chromium-based browsers in particular) are increasingly becoming attractive targets for malware actors, thanks to both their increasing complexity and popularity.
Browsers increasingly reflect the complexity of operating systems – providing access to peripherals, file systems, 3D rendering, GPUs – and more complexity means more more error”.
With web browsers becoming more and more like operating systems in both form and function, malicious actors are intensifying their efforts to sabotage them in increasingly sophisticated ways. It’s no surprise that these conditions have become fertile ground for cybersecurity startups. Venture capital for cybersec startups has skyrocketed almost 30 billion dollars in 2021 – more than double the amount invested just a year earlier, lending some important context to the spotlight funds secured by this new SEB team.
Minimizing friction, maximizing flexibility becomes mission critical in the safe browsing space
With the recent emergence of the web browser as the primary gateway to work for the modern employee, it has become mission critical for space-targeted security solutions to minimize friction. to the end user as much as humanly possible.
For players in the secure enterprise browser space, that has translated into the near-global embrace of Google’s open-source Chromium project – the code base that Google’s Chrome and Edge browsers use. Microsoft is based on that. With more aggregate market share sixty seven%Chrome and Edge represent the closest thing to market dominance one can reasonably expect for the great browser space, driving the SEBs’ decision to build their solutions. on Chromium is a wise decision.
Going with Chromium allows SEB to minimize friction for as many end users as possible – allowing Chrome and Edge users to import preferences, plugins, and other personalizations to minimize friction at the point of time apply. Considering the fierceness with which most corporate employees protect their preferred workplace tools, this will be an important differentiator for future SEBs.
However, while SEB category decision makers have certainly improved ratings and file user adoption by building on Chromium, they still need staff to adopt a browser. new; and administrator to accept the installation and management of another endpoint agent.
What’s next? Going beyond the browser…
While SEB is a welcome improvement to today’s status quo of secure web portals and remote browser isolation, one cannot fail to note some inherent limitations to the fundamentals. . And as browsing becomes increasingly central to the workplace, you can be sure that the wave of safe browsing won’t stop at SEB.
The first and foremost thing that next-generation solutions must address is the growing gap between web browsers and the act of browsing. The English language doesn’t help anyone in this regard, but the bottom line is this: Not all web browsing is actually happen in web browsers, and by a sizable margin.
As of 2019, the average enterprise SaaS category has up 44.2% annual. While many of the most widely used enterprise SaaS applications – such as Slack, Outlook, and Dropbox – maybe are accessed through the browser, that doesn’t necessarily mean they are. Many users still choose the native desktop versions of these apps for a variety of reasons, ranging from the premium user interface and extensive functionality to simple routines.
Whatever the motive may be, the moment a user clicks a link or accesses a remote file in one of these apps, they’ve effectively moved the browsing action beyond the browser’s own view. web. This often overlooked segment of the browsing attack surface remains a concern for not only SEBs but virtually all popular secure browsing solutions today.
For now, policies that mandate the use of web apps in secure browser environments (as opposed to desktop versions of stated apps) can act as a backstop. useful. However, one can’t help but feel the need for a more comprehensive solution to this particular problem – especially given the notorious reputation of friction that inspires non-compliance and IT gloss. .
If we hope to secure total attack surface browsing, moving forward, the next generation of secure browsing solutions must find an efficient, low-friction means to protect the growing segment of the browsing attack surface this.
Reinventing the safe browsing experience
In the future, hopefully widely adopted secure browsing solutions must move towards an agentless, agnostic architecture – one that is capable of securing the entire browsing vector, regardless of browser, application or device; and do so without unduly disrupting the end-user’s experience. And in an age of pervasive apps and overwhelmed IT departments, easy deployment and management on the admin side will be a key value proposition for next-generation solutions looking to assert themselves. identify this budding new category.
An important first step in the battle for safe browsing rights
The dawn of the enterprise browser is an important first step in the right direction for a cybersec field plagued by the new world of work from anywhere. While efforts have been made in the past to create a secure browser, it seems that now is the right place and the right time for the concept to eventually succeed – and not one. one afternoon early.
But if history teaches us anything, it’s what we must accept not at all Technology in the workplace is no easy feat. The best security tools, the ones that stand the test of time, are sure to work behind the scenes, protecting users without them even knowing of their presence. While secure enterprise browsing is certainly a welcome development in today’s rapidly evolving threat landscape, we’re sure to see even more innovations in the months and years to come. .
Dor Zvi is the co-founder and CEO of Red Access.
Welcome to the VentureBeat community!
DataDecisionMakers is a place where professionals, including technical people who work with data, can share data-related insights and innovations.
If you want to read about cutting-edge ideas and updates, best practices, and the future of data and data technology, join us at DataDecisionMakers.
You can even consider contribute an article your own!