As modern web, portable computing devices, and other technologies have enabled employees to work from anywhere, there’s been a surge in cloud adoption among organizations, and browsers have evolved to be silent entry points for accessing corporate data. According to Research Company Statista, over 20 percent of security breach has happened through browser in 2018. In fact, enterprise security strategy in many organisations has suffered as attackers leveraged unsecured browsers and web applications to create lasting business repercussions.
Mathivanan Venkatachalam, Vice President of ManageEngine spoke to HPC Asia on the importance that enterprise should put on browser security and ManageEngine’s new product that addresses this issue.
Why is there a necessity for browser security for enterprises today?
While focus on enterprise IT security as whole is high within organisations, browser security is overlooked since browser is considered an app. Modern web, portable computing devices, and other technologies have enabled employees to work from anywhere, but they are unaware of the security breach that can happen through the browser. Browser is a point today which offers the vulnerable inlet to the attacker.
Recent example is the WannaCry attack, which was an OS level threat, which looked for vulnerability OS and used the malware to encrypt the hard disk and take control of critical data. This shows that very few CIOs or IT managers think of browser security or that threat can hit their network through vulnerable browser set up. There is a surge in cloud adoption among organization and the enterprise networks today are highly flexible running various kinds of apps – cloud apps, business apps. Most of these are accessed through browser, and the security at this end point is not good enough. Till now there has been no end-to-end solution to manage and secure the network.
Can you talk in detail about the need for browser security and management?
For the longest time, browsers have been considered just another application, but with today’s cloud-centric set up, security breach often happens through vulnerable browser set up. More than 30 percent of the exploits happen through Chrome, IE, Firefox. Through the browser the cyber attacker is able to take control of the employee id and then cause severe damage.
That is why enterprise of today have to focus on managing the browsers being used by the employees. Browser security and management has to be built in during the initial phase of defining the infrastructure security strategy. If the browsers and apps are not updated on a regular basis new vulnerabilities become tough to be managed or fixed. That is why it is important for the organisation’s security policy to have browser security as an aspect to be taken care of like other security pain points. By managing browsers the same way they manage endpoints like desktops and mobile devices, enterprises can seal their network from possible attacks at its most used threshold.
What is ManageEngine’s endpoint security is all about?
Browser Security Plus, a browser management solution that helps organizations secure their corporate data in the cloud and protect their networks from web-based cyberattacks. This comprehensive browser management solution that can secure multiple browsers — such as Google Chrome, Mozilla Firefox, and Microsoft’s Internet Explorer and Edge — used in Windows environments. Market reports show that 88.18 percent of desktops worldwide run on Windows.
Browser Security Plus provides a layer of management capabilities for browsers and their add-ons to maintain robust enterprise security. This allows enterprises to improve network health by preventing, detecting and fixing any browser vulnerabilities.
What kind of benefits the IT infrastructure will get once Browser Security Plus is added to security framework?
Browser Security Plus covers all critical aspects of securing a browser — from obtaining visibility, enforcing security policies, and controlling access to ensuring compliance with enforced policies. It can be used by all sizes of companies. In fact, the edition is perfect for small businesses to manage up to 25 computers.
With this in place IT managers can segregate trusted websites and business applications are. Untrusted sites are rendered in a virtual browser to ensure enterprise data remains secure. IT teams can provide and revoke access to browser add-ons like extensions and plug-ins based on their reliability and also silently push mission-critical extensions to computers from a central repository. It also helps in intelligent grouping of browsers into policies that address specific requirements such as threat defence and data leakage prevention.