Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: How to stop data leakage."

Download it now to read this article plus other related content.

Corporate Control
No security features are worth much in a corporate environment if managers can't configure and control them globally. In addition to superior security features, IE 7.0 really stands out in its ability to manage configurations across the enterprise.

    Requires Free Membership to View

BROWSER SECURITY FEATURES

More than Firefox or Netscape, IE 7.0 allows you to create browser policies and configurations that can be saved and leveraged across an entire organization. In fact, if your organization uses Active Directory, IE 7.0 is the only viable choice from a management perspective.

While there's still no browser-embedded capability to centrally create browser configurations based on specific users or computers, you can create different browser configurations either through your AD implementation or enterprise disk imaging program.

AD is the better choice, since nearly all configuration controls--mostly registry settings--can be captured in a .INI file. The file can be distributed via SMS or commercial product, as opposed to an entire disk image every time you want to introduce new configuration settings or create specialized disk images for select groups. Further, because IE was designed to work with AD, you can control all of its more robust configuration options through this mechanism; the only way to manage all of the other browsers' more limited feature sets is through disk images.

The Vulnerability Caveat
Microsoft's track record on vulnerabilities hardly inspires confidence. The U.S. Department of Defense's NIST National Vulnerability Database lists 152 reported IE vulnerabilities in the last three years alone. Keeping up with patches and configuration controls, and the nagging anxiety about the next critical hole is the stuff of nightmares for security managers.

The assertion that Firefox is inherently more secure because it will have fewer vulnerabilities is open to debate. Since its release, 102 vulnerabilities have been reported, according to NIST. (Version 1.0 was announced in November 2004, though pre-1.0 betas were generally available for download and scrutiny.) Netscape had just 39 reported vulnerabilities in the last three years.

Numbers can be deceptive, though. IE is a mature product, so the continued discovery of large numbers of vulnerabilities is a real concern. On the other hand, it can be argued that the plethora of Firefox vulnerabilities is just an initial spike, typical of new applications.

This was first published in January 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: