Q

When should new browsers be adopted in an enterprise?

It's helpful for organizations to look into alternative technologies and browsers, says expert John Strand, but you must always be aware of complexity and its effect on your security architecture.

When should a security and operations team feel comfortable supporting an alternative browser?
Many organizations jumped on with Firefox believing that it was vastly more secure then Internet Explorer. These supporters realized later, however, that they lacked the fundamental infrastructure to push out patches to the browser. I think that it is great for your team to look into other technologies, however, you must always be aware of complexity and its effect on your security architecture.

As a rule, complexity is the enemy of security. When more applications are introduced, the number of attack vectors increases, making the application infrastructure as a whole more difficult to secure. If, for example, your organization plans on supporting the Google Chrome browser, you now need to stay current with attacks against Firefox, Internet Explorer, Chrome and all the plug-ins that may possibly be installed in them.

If politically your organization has already made the commitment to multiple browsers, make sure that you have some mechanism or procedure to stay up to date on the risk vectors of all of your third-party applications, not just browsers.

This was first published in April 2009

Dig deeper on Web Browser Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close