Rethinking Web Browser Security (
Page 2 of 3 )
Enterprise IT may be tempted to delve into consumer-oriented tools to augment the security of their most exposed, remote workers. However, such experiments will be fraught with complications. With most of these products, there is no central management component, so each instance is managed and updated on a one-off basis. Also, the products vary in their support for different browsers, which could interfere with the operation of outdated but mission-critical Web applications.
The best practical, vendor-neutral advice I can offer to avoid Web threats is to keep your systems patched—and by this I mean the operating system, the browser and its add-ons, as well as applications.
That said browser updates can sometimes cause incompatibilities with legacy Web applications.
Security software itself can even punish companies that don’t keep fully up-to-date. For example, one of my favorite Web site validation and scanning tools—the stand-alone version of AVG’s LinkScanner Pro—does not yet support Firefox 3.0, more than a month after the release of Mozilla’s latest browser. AVG claims to support Firefox 3.0 with the LinkScanner functionality baked into the company’s full Internet security suite, but support has not yet been extended to the stand-alone version of LinkScanner Pro.
In cases like these, administrators must weigh the use of a security program versus the productivity gained by using the application itself (and productivity usually wins). But if a security company has been known to be slow to adapt to browser improvements, the security solution will likely be a bad fit for corporate use on an ongoing basis.
/ 7 
