By 2028, 25% of companies will expand existing secure remote access and security of endpoints by implementing at least one secure enterprise browser (secure enterprise browser – SEB) technology to address specific gaps, according to Gartner, Inc.
Threat actors often target employees with phishing attacks to steal credentials and bypass endpoints detection and response controls, making an additional layer of visibility and control in the web browser necessary.
“Web browsers are the primary access method for most modern corporate applications and provide an independent enterprise security control point independent of endpoint“, says Max Taggett, Senior Principal Analyst at Gartner. “Security leaders can use an SEB to reduce risks and enhance the digital experience.”
Currently, Gartner estimates that less than 10% of companies have adopted an SEB. Companies that primarily rely on Software as a Service (SaaS) applications, with few branches or cyber-physical systems to protect, need a simpler method of managing protection technology than traditional stacks of security. SEBs meet this need.
Additionally, SEBs enable segmented access from minimally or unmanaged end-user devices and personal devices (bring-your-own PC), where deploying endpoint agents would be inadequate due to privacy or maintenance reasons.
“SEBs incorporate enterprise security controls directly into the native web browsing experience using a customized browser or an extension for existing browsers, rather than adding external controls at the endpoint or network layer”, says Evgeny Mirolyubov, Senior Director Analyst at Gartner. “SEBs also enable segmented access to SaaS applications with tunneling directly from web browsers, minimizing the need for full endpoint agents and tunnels.”
Companies implementing SEBs can:
– Enforce enterprise security policies and gain visibility into web traffic without requiring inline decryption, which can improve application performance and latency.
– Support the transition from legacy client applications to delivering modern SaaS applications.
– Complement or reduce reliance on Virtual Private Networks (VPNs), Virtual Desktop Infrastructures (VDIs) and Desktop as a Service for companies prioritizing remote or outsourced work and Cloud delivery.
– Enhance protection capabilities against antiphishing and credential theft, such as preventing the reuse of corporate credentials on unauthorized or phishing websites, on devices where browser use is restricted to selected SEBs.
– Improve visibility and reporting on web application usage, performance, and employee behavioral analytics for minimally or unmanaged devices and for companies without a mature Employee Digital Experience strategy.
Topics like this and others exploring the evolving landscape of risks and strategies, along with practical insights on how to address challenges in increasingly complex cyber environments will be highlighted at the ConferenceGartner Security & Risk Management, to be held on August 5th and 6th in São Paulo. More information is available at: https://www.gartner.com/pt-br/conferences/la/security-risk-management-brazil
Gartner clients can read more in “Innovation Insight: Secure Enterprise Browsers“.
