Could you give me a bit more information on Google Chrome Frame security? Our organization operates several legacy applications that have to run on outdated versions of IE. Is Google Chrome Frame a viable way to bolster security across the enterprise?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Google Chrome Frame is a plug-in for Internet Explorer versions 6-9 that gives users “access to the latest HTML5 features as well as Google Chrome’s performance and security features.” Google Chrome Frame will improve the security of older browsers when visiting a website that opts to use the plug-in, but won’t affect the security for the rest of the Internet. This allows users to continue to use their current version of Internet Explorer while benefiting from the functional advantages of Google Chrome Frame. This will not significantly improve security, since it is unlikely that a malicious website will target Google Chrome Frame to exploit rather than exploiting the version of Internet Explorer in use.
There is a similar project called IE Tab that may improve security more than Google Chrome Frame. IE Tab is a Web browser plug-in for Google Chrome or Firefox that uses Internet Explorer to display a webpage in a tab in Chrome. It can be configured so IE Tab always opens certain URLs, such as your legacy applications or websites requiring IE. This sets the system so IE can still be used for some trusted websites, although employees are no longer browsing the Internet using old versions of Internet Explorer. Users may benefit from using a more secure Web browser and still sustain the advantages of an older, more insecure version of Internet Explorer.
Dig Deeper on Web browser security
Related Q&A from Nick Lewis
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading