Site Search

Island

island

The key to success lies in the "browser"! “Strengthening security and improving productivity” that plagues information system personnel

Introduction

How often do you use web applications in your work?
Email, chat tools, file storage, CRM, etc. You may not be aware of whether it is an application or not, but in fact, the systems we use during work are gradually becoming applications and accessing them via a browser. Isn't there a lot of things?
At the same time, there must be more than a few IT administrators who are troubled by the management of business applications, which are increasing year by year, and the confirmation and unification of security functions that are disjointed by application providers.
However, since these applications are often the primary work of employees, tight security cannot compromise employee productivity. (However, I think it's a dilemma that it's not okay to loose security.)
In addition to conventional website browsing, now that the frequency of browser usage has increased through the use of web applications, "browsers" may solve these problems.
In this blog, I will introduce "Both security and productivity" realized by utilizing enterprise browsers.

table of contents

1. Can enhanced security and increased productivity go hand in hand?
2. IT administrator security x productivity
2-1. Are there such situations?
2-2. Revolutionary approach to run RPA in the browser
2-3. Examples of RPA functions
3. User Security x Productivity
3-1. Support for legacy apps
3-2. Push bookmarks and extensions
3-3. Utilization of Clipboard
3-4. Mechanism for users themselves to know the degree of risk of the site
4. User Story: Marion Bank

1. Can security enhancement and productivity improvement go hand in hand?

In the first place, can security enhancement and productivity improvement be compatible?
The IT department is often positioned as the place of responsibility in the unlikely event that an incident occurs, and has a mission to constantly strengthen security so that it can respond to attacks that are evolving day by day.
On the other hand, it is important for the business and development departments to achieve sales, speed up development, and increase the frequency of releases.
There are many companies where either of the above has strong authority and strict security is impeding on-site productivity, or because it emphasizes on-site productivity, satisfactory security is not applied. it might be?
In this way, for those who want to change the current situation where security and productivity are a trade-off, we will introduce how to approach these issues with a tool called "enterprise browser" below. I think that I want to do it.

2. IT administrator security x productivity

2-1. Are there such situations?

"I wish this application had the same security features as that application..."
"I want to uniformly prohibit printing for all applications..."
"This SaaS, I can't authenticate my company's ID, but I really want to use two-factor authentication..."
Business applications are increasing year by year. Many companies contract applications for various business purposes, and it is said that each company overseas uses 130 SaaS.
Different providers will of course have different levels of security implemented in their applications. However, I think that there are more than a few companies that want to ensure a certain level of security no matter what application they use, and in some cases, want uniform security functions.
What actions will your company take? And by that action, does the following problem occur?

こんなシチュエーションはありませんか?

2-2. Revolutionary approach to run RPA in the browser

If the security requirements that the company wants to meet are not required for the application itself, but can be provided in the browser that runs the application, it is possible to provide uniform security functions regardless of the application as long as the browser is used for business. becomes.
By using RPA (Robotic Process Automation) as a method for realizing this, it is possible to freely and flexibly design the functions that each company requires for the application. However, due to the high degree of freedom of RPA, I think it would be extremely difficult to design based on 0 without clear requirements. Also, even if the requirements are clear, the design is completed, and the operation starts, we must also consider managing and operating multiple implementation rules.
An "enterprise browser" solves such problems.
Enterprise browsers hold RPA rules as templates that will be required for applications used on the browser. Using these, users can more easily customize their own, and centrally manage RPA policies created on enterprise browsers. This enables a revolutionary approach to implementing RPA in the browser.

2-3. Examples of RPA functions

As mentioned earlier, using RPA allows the creation of almost infinite scenarios, but this time we will introduce just a few examples.

  • I want to apply two-factor authentication to the application at any time

If your company uses IDaaS, I think the timing at which authentication is activated is when you log in to the application. However, for example, when using AWS, if it is possible to request authentication not only when logging in but also when deleting an AWS instance, in addition to determining whether the user has the authority to perform important actions, simple It is also possible to prevent operation errors.
Also, if a company that has not adopted IDaaS in the first place wants to authenticate a web application, is there any other option than adopting IDaaS?
By utilizing the authentication policy in RPA of the enterprise browser, the browser can request two-factor authentication at any time regardless of login time. As a result, regardless of the use of IDaaS, administrators can request uniform authentication on the browser side or request authentication at their own timing, so it is expected to strengthen security and improve flexibility (productivity). increase.

  • I want to restrict operations within a specific application

When using a variety of applications, certain behaviors may have hidden security risks. For example, in a cloud file storage service, storing files from the upload button in the service is fine, but uploading by dragging and dropping files from other SaaS or local folders stores data beyond the allowable range. There is a risk of doing so.
However, since it is difficult to control the above operations on the cloud service side, it may be possible to design RPA that controls the operations on the browser side on the enterprise browser side.

3. User Security x Productivity

3-1. Support for legacy apps

Since the end of support for Internet Explorer in June 2022, websites and applications that are only supported by IE, including those inside and outside the company, have been refurbished.
However, although we are in a hurry to repair internal systems in particular, some companies have been operating for too long, are closely connected to the surrounding environment, or have complicated systems. Many companies still have systems that can only be used with IE as apps.
If you have an enterprise browser, you can access those applications by using IE mode. Until now, for example, even if it was necessary to switch between Chrome and IE, it can be done with a single enterprise browser.

3-2. Push bookmarks and extensions

When your company introduces or changes new apps or extensions, how do you motivate your employees to implement them? Have you set up a helpdesk to guide you on how to download, or guide you to update your bookmarks when the URL of the application has changed?
With enterprise browsers, IT administrators can add and update bookmarks and extensions on users' browsers from the management console, keeping employees up-to-date and transparent. . Since it is possible to provide the latest state without prompting employees to work, it is possible to reduce the number of work hours of employees, not to interfere with work, and to increase productivity.

3-3. Utilization of Clipboard

Does your company need to transfer data between systems, opening two windows and manually moving data between screens? Since APIs are not necessarily prepared between applications, automation is difficult, and there are concerns about human errors such as input errors due to manual data transfer.
In this case as well, by combining the clipboard function of the enterprise browser with RPA, it is possible to copy multiple copies of the text data and image data that you want to migrate, and then paste the data in the other application with a single click. As a result, it goes without saying that productivity can be improved, and human error can be eliminated, so it can be said to kill two birds with one stone.

3-4. Mechanism for users themselves to know the degree of risk of the site

Until now, the degree of risk of websites and web applications was understood only by the tools themselves, such as filtering products and CASBs, or by the IT administrators who used them. It is important for IT administrators to control the use of obviously suspicious sites and high-risk web applications in advance, but there are also gray sites that cannot be controlled. Don't you think it would be possible to build a more secure environment if users could understand and use applications that are permitted to be used but should be used with caution because they handle important data?
Enterprise browsers have a function called "user indicator", which can inform users whether the website or web application they are accessing is safe, whether there is a risk, or whether it is safe but should be used with caution. increase.
As a result, it is possible to direct security awareness to the user without stopping the user's work, so it can be said that security and productivity are compatible.

4. User Story: Marion Bank

Marion Bank, a regional bank based in the southwestern state of Virginia, USA, encountered Island Technology's "enterprise browser" while feeling issues with the Security Service Edge (SSE) tool it was using.
The decisive factor for introducing Island was not only that we were able to solve the problems with the conventional SSE tool, but also that employees were positively motivated by various functions with plenty of elements to improve productivity. It was because it had become a tool that could be used for.
What kind of business are actual enterprise browser users using? ... Please see the user case from the link at the bottom.

Go to the case study download page

Go to the case study download page

in conclusion

Bottom Line: Security and Productivity Can Go Together in an Enterprise Browser
Did you feel...
The use case of balancing security enhancement and productivity improvement introduced in this blog is just one example, and because needs vary from company to company, it is effective to make maximum use of the "browser", which is a common operation point for each application. .
We introduced an enterprise browser as a solution that can realize the security functions required by companies without sacrificing productivity.
Please read about other usage scenes and user experiences.

Inquiry/Document request

Macnica Island, Inc.

Weekdays: 9:00-17:00