1-1. SWG measures

In application control, a so-called web proxy called Secure Web Gateway (SWG) is often used, but in application control with SWG, only specific actions for specific applications (login, file upload/download, post, etc.) Therefore, it is not possible to target all applications or control detailed actions. There are also cases where the introduction of agents is necessary, and there are patterns in which this itself becomes a barrier.

1-2. CASB measures

There are cases where Cloud Access Security Broker (CASB) is used as another means, but in the method of acquiring audit logs via API and visualizing/controlling them, in the first place, only applications that support API linkage can be targeted. , the action logs that can be acquired depend on the application side, so consistent log acquisition and control for all applications is not possible. In addition, the introduction of an agent may solve the above problems, but the agent's batting etc. itself may become a barrier.
In summary, the challenges in web application control with SWG/CASB are as follows.

The features of the "enterprise browser" are introduced below as a security measure approach that does not reduce productivity while clearing the above issues.

2-1. Compliance

In enterprise browsers, there is a function called Last Mile Control, which allows detailed control according to the needs of the company, and a function called SecureStorage, which allows you to view and edit downloaded files without saving them on the local device. Therefore, by always operating the web application via an enterprise browser, data will not be leaked from the web application to the outside, and data protection measures can be presented in a compliant manner. Data regulations vary greatly by country and region, so for companies that utilize various applications and have employees around the world, enterprise browsers will enable flexible and fine-grained management. .

2-2. Flexibility

Our web applications are used for various purposes. Of course, the level of security features implemented by the applications themselves varies, as vendors and uses differ. However, if any application handles confidential information, performs important work, and has even the slightest risk of data leaking to the outside, then "unifying the security level at a high level" will not be important. Huh?
With enterprise browsers, it is possible to control all web applications more finely than the security functions implemented by the applications themselves, and if the importance is different, it is possible to unify only specific multiple applications and tighten the policy. It is also possible to set...

As a result, it is possible to unify "all" or "partially" the security standards of different web applications, so that security can be strengthened without impairing business productivity and flexible responses can be made. will be

2-3. Speed

How long does it take your company to strengthen the security of your business applications?

• I want to incorporate multi-factor authentication into my own in-house application
• I want to restrict access with a finer granularity than the role-based access provided by SaaS
• I want to add a "watermark" when browsing confidential information

If it is your own application, it is possible to modify it, but I think it will take some time.
Furthermore, the desire to control one behavior of general SaaS becomes a request to implement a function on the SaaS provider side, and it is not known whether it will be realized in the first place.
Enterprise browsers can meet the needs of "immediately improving the security of any application".
By going through an enterprise browser, you can use applications more securely than before by granting additional authentication, controlling specific actions (copy & paste, drop & down, etc.), and using the device posture of the access source. .

2-4. Productivity

From the standpoint of labor shortage and division of labor, I think that more and more companies are actively outsourcing their work. Companies that previously purchased and distributed terminals to outsourced contractors can reduce terminal management costs while maintaining security simply by distributing enterprise browsers. Also, if you are letting your company use a terminal on the side of a subcontractor, or if you are promoting BYOD for your own employees or want to do so, you can use Enterprise as a tool to respect their privacy while ensuring the security level required by your company. Distributing a browser is one way.
In addition, with flexible access/action control within this enterprise browser, it is possible to establish an approach that does not compromise operational efficiency due to security.