I simply adore the browser! Often underappreciated and overlooked, it boasts rich functionality, a complex yet well underutilised architecture, and a wide array of features and tools, all meticulously designed with the internet user in mind.
However, a lot of the cool things browsers can do often fly under the radar, especially when it comes to a well-designed application like Island’s Enterprise Browser.
This kind of browser is a game-changer for any business! It boosts productivity, tightens-up security, and automates those boring manual tasks. Plus, it makes compliance reporting a breeze, gives you a clear view of your IT environment, cuts down on IT costs, and can even replace those clunky, expensive tools you might be using, like VDI or those pesky security agents. An enterprise-ready browser really can transform the way organizations work and can make the CIO, CISO or CPO a champion in the eyes of the CFO and the employee-base who we already know and love using the application.
“Unlocking Potential: How the Right Enterprise Browser Can Transform Your Business!”
My passion for browser technology began back in 2013 while I was working at a large biotech company in California. At the time, I was focused on finding ways to reduce ‘risky’ internet browsing by employees, which was leading to a host of cyber issues like malware infections, data loss, and privacy risks.
We were also expanding our facilities in China and increasing our remote workforce, relying more on contract workers. At the same time, our employee Works Councils in Europe were rightfully pushing for less intrusive security and use-monitoring solutions. It was a tough mix of sometimes conflicting requirements, and I genuinely believed the answer lay further upstream. I was convinced that simply adding more security tools to intercept workflows mid-stream wouldn’t address the real issues; we needed to focus on enhancing the user experience, not just exerting more control over how people got work done.
So this happened: I remember clearly sitting with one of my Consultant Firm Partners in my office one day and saying, “…wouldn’t it be great if we could have a (secure) browser with unfettered Internet access just for personal use by the employee? A browser that they could toggle from the corporate browser offering and frankly, a place that I don’t have to worry about (as the CISO) allowing me to focus on protecting the business channel and connections”.
The concept at the time was simply to bring the simplicity and freedom of the Starbucks Internet-Cafe experience to the employee working in a highly regulated industry. Seems logical, but let me tell you, that was a radical idea at the time and not without its detractors.
Nevertheless, less than 3-months later, the Partner left the Big Four firm and was now running WebLife Balance, a company that later sold to ProofPoint for $60 Million in 2017.
Getting Up-Close-and-Personal with the Device and User
I mentioned addressing cyber risk “upstream,” and this was arguably the most significant advantage of having the security embedded naturally within the browser’s own capabilities. By positioning control as close as possible to the user and their device—whether it’s a laptop, desktop, tablet, or smartphone—we created an architecture that maximises efficiency and positively influences user behaviour.
The browser serves as the gateway between vulnerable users and the risky internet. By embedding essential business and security features, including robust identity credentials, this ensures that security interacts with users in a natural and familiar way.
When I talk about “simplicity and freedom” with a private browsing experience, I’m was not advocating for unrestricted internet access but instead a hardcoded security profile to block access to certain categories and sites, but overall, it provided an open, unmonitored internet channel that employees appreciated.
This approach helped build trust within the workforce, allowing me to concentrate on managing cyber risk associated with business applications rather than getting tangled in the complexities of personal browsing.
Fast forward to 2024, and browser technology has evolved considerably; today’s browsers are more powerful than ever. However, much of this functionality remains underutilized in standard corporate offerings. What hasn’t changed is the business case for a well-designed Enterprise Browser: it continues to reduce IT costs, mitigate cyber risks, simplify infrastructure, and enhance both productivity and the user experience for employees. Let’s talk about Island’s Enterprise Browser and why I am an advocate.
2024 and the enterprise Browser Coming of Age – The Island Approach
What I really like about Island is that they turned our original idea back in 2013 on its head and I think it’s a far better approach. Instead of creating a separate “private browser” to serve the employee’s desire to surf the web without being tracked but still maintaining a secure enterprise, Island designed a browser that equally serves the employee and the business creating immense opportunity and a bi-directional benefit for both parties.
The other game-changer is the underlying, native technology and the use of open-source Chromium so nothing new is being introduced to the user or the device but instead it’s a better version of what they already rely on day in day out.
From the perspective of the CISO, integrating security controls into a single gateway application offers substantial benefits for data protection, access control, and productivity while delivering an excellent user experience. All web interactions are rigorously protected through a combination of file reputation checks, threat intelligence, categorisation, and static code analysis.
As an employee, my Island experience is not unlike a turbocharged virtual desktop or modern app-store without all the inherent drawbacks of these environments (latency issues, flaky connections etc.). I can use the Island enterprise Browser as a toggle thus switching seamlessly between the standard corporate browser (Chrome, Firefox, Edge etc.) and the secure zone enabled by the Island application or, Island can be configured to auto-select the appropriate channel depending on the nature of the call meaning what application the user wants to access or the data they want to interact with. Also, this level customisation can be done at the persona level meaning different security profiles can be attributed to different groups of users. That’s powerful when we think about maintaining proportionality.
All this is well and good, but not having a business problem to solve or use case to enable is like having a surfboard without a wave. Having been in the role of ‘buyer and consumer’ of the Island solution in my last role as CSO, I can attest to the fact that while I had a specific use case in mind (stopping Account Takeovers via Phishing), I was surprised by the direction we took with the initial deployment.
The first use case was a deployment to the businesses’ third party, Customer Service Agency (CS). We deployed a fully-configured, company branded and secure Island workspace to thousands of existing CS devices in minutes and the CISO of the outsourced party and I enjoyed a mutual partnership enabled by the shared transparency of the environment we had enabled via the Island console.
It was truly amazing and reinforced my belief that the best place to architect a company’s security organisation is between the employee and the Internet and not with multiple middle solutions that slow things down and create roadblocks and barriers to productivity. It was a big win at the time as third party risk management, specifically consumer and employee privacy was a strong argument for not moving to an outsourced operation.
Anyway, back to my original statement and why I think the browser is a powerful and yet greatly underestimated piece of software. Add to the mix the Island flavour which addresses all the modern needs of the Enterprise including Corporate IT and it’s really compelling.
I often think of these things in the context of “what’s in it for me?”. So here just a few:
For the Employee
- Confidence that the browsing activity is managed securely according to the company’s policies and yet not intrusive or obstructive.
- A familiar, user-Friendly experience leveraging the inherent granularity and power of Chromium.
- An intuitive interface for both users and administrators with easy navigation, and a customisable canvas.
- Speed and Performance with faster loading times, smoother scrolling, and efficient resource management.
- A rich feature set with a wide range of features such as personalisation of the browsing experience without compromising security. Extensions that provide additional functionality, such as ad blockers, password managers, and productivity tools.
For the CISO or Chief Privacy Officer
- Kill Account Takeovers stone dead, prevent malware and phishing attacks.
- Enhanced Security and Privacy with built-in features such as Private Browsing allowing users to browse the internet without saving history or cookies.
- Phishing and Malware Protection Browsers the detection and in-line blocking of malicious sites, protecting users from online threats.
- Application whitelisting for the most secure environments.
- Realtime device security posture inspection and enforcement.
- Cookie, token and password encryption out-of-the-box.
- Granular Data Loss Prevention capabilities.
- An additional identity layer with MFA between the corporate space and the Enterprise Browser desktop experience. Similarly Privileged Access Management layers.
- Applied to any dive, anytime anywhere (including smartphones, tablets etc.)
- Maintain Privacy with options for the employee to enjoy a truly private surfing experience.
For the CIO
- The Island Enterprise Browser experience is fully customisable and can be branded according to the company or even at the department level.
- Integration with Other Services with seamless integration with other applications and services, such as email, cloud storage, and social media platforms, facilitating a more connected online experience.
- The ability to better manage the IT estate as the Enterprise Browser inserts every device on which it is deployed allowing for lifecycle management, IT hygiene and maintenance.
- The decommissioning of other technologies. For example, VDI solutions and Security Service Edge solutions.
- Immediate deployment of a secure work space to contractors, digital nomads risky geographies.
- Fully enabling BYOD in a compliant and secure manner.
- The ability to recover and reinstate services as a part of any BCP or DR plan. It’s as simple as a ‘click and download browser’ from any device as an answer to any major catastrophe.
In summary, the Browser is a powerful, often underestimated tool for modern enterprises, offering a seamless user experience and robust security features. It benefits employees, CISOs, and CIOs through enhanced security, customisation, and integration, making it a strategic asset for navigating today’s complex digital landscape.