Rethinking Web Browser Security

By Andrew Garcia  |  Posted 2008-07-30 Print this article Print

=Basic advice }

Enterprise IT may be tempted to delve into consumer-oriented tools to augment the security of their most exposed, remote workers. However, such experiments will be fraught with complications. With most of these products, there is no central management component, so each instance is managed and updated on a one-off basis. Also, the products vary in their support for different browsers, which could interfere with the operation of outdated but mission-critical Web applications.

The best practical, vendor-neutral advice I can offer to avoid Web threats is to keep your systems patched-and by this I mean the operating system, the browser and its add-ons, as well as applications.

That said browser updates can sometimes cause incompatibilities with legacy Web applications.

Security software itself can even punish companies that don't keep fully up-to-date.  For example, one of my favorite Web site validation and scanning tools-the stand-alone version of AVG's LinkScanner Pro-does not yet support Firefox 3.0, more than a month after the release of Mozilla's latest browser. AVG claims to support Firefox 3.0 with the LinkScanner functionality baked into the company's full Internet security suite, but support has not yet been extended to the stand-alone version of LinkScanner Pro.

In cases like these, administrators must weigh the use of a security program versus the productivity gained by using the application itself (and productivity usually wins). But if a security company has been known to be slow to adapt to browser improvements, the security solution will likely be a bad fit for corporate use on an ongoing basis.

Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel