We're trying to make a decision in our organization about whether to implement an enterprise browser for over 3,000 staff members or to utilize security extensions within Chrome and Edge. Leadership believes that adopting a locked-down enterprise browser would resolve our security issues effectively. However, some team members are concerned that this could lead to user dissatisfaction and resistance. On the other hand, while extensions seem like a more flexible and lighter option, there are worries regarding potential gaps in coverage and the possibility of bypassing policies. I'm reaching out to those who have experience with either approach—what have you found works best at scale?
8 Answers
In my experience, both options can scale similarly, but enterprise browsers often come with hefty licensing fees, and you can't be sure that the company behind it will stick around or be quick to address security vulnerabilities. Instead, consider using Chrome, Edge, or Firefox with enterprise-managed policies through your MDM. This way, if users don't have admin rights, they can't disable those policies easily—unless they run a portable browser, which can also be blocked.
Interestingly, both Chrome and Edge are Chromium-based and free, while an enterprise browser might also use Chromium but will likely charge you. If you're concerned about gaps in coverage with extensions, consider investing in endpoint protection that can monitor all browser traffic and maintain compatibility with websites.
Whichever route you take, be wary of extension sprawl. It can lead to users installing questionable extensions which opens the door to malware risks. It's wise to enforce a strict whitelist for extensions to maintain better control.
Extensions can provide good flexibility, but they need robust monitoring to be effective. We track browser activity in our SIEM and adjust our policies based on how people actually use the tools. Without this insight, you’ll just be guessing about what's working or not.
Are you planning to standardize on one browser? If so, that’s a must for going down the secure enterprise browser path. If Chrome is the favorite in your organization, look into their paid services that offer enhanced security. Scaling with around 3k users shouldn't pose a significant problem. Be aware though that extensions come with their own quirks, especially in terms of timing—some might not load before page content is displayed, which can lead to issues.
I don’t think enterprise browsers are entirely outdated. We rolled one out to about 1,500 users, and while the initial adjustment was tough, the outcome led to a more standardized experience and reduced the issue of unauthorized extensions.
True! At the end of the day, what matters most are the audit logs. Auditors look for proof that sensitive information remains secure, so using tools like Microsoft Defender with extensions like LayerX can help meet those requirements.
If leadership is set on their choice, it might be tough to sway them. But remember, managing Chrome through its native tools for extension and policy management is seamless, and it could save you from the drastic move of forcing a special browser on everyone.
You mentioned the two solutions, but what specific issues are you trying to tackle? Clarifying your primary goals can help narrow down the best choice between an enterprise browser and security extensions.
We had a similar situation at my company where we tried to enforce a new browser, but people reverted back to Chrome. Extensions turned out to be a much more effective solution, especially with tools like LayerX that function well without disrupting everyday browsing.