Internet Explorer is Dead, Long Live Internet Explorer?
- Most enterprises still need Internet Explorer for access to legacy web applications
- While Chrome and Edge are significantly more secure than IE, they are still susceptible to malicious downloads
- Bromium allows you to safely run Internet Explorer, while it also protects modern browsers such as Chrome and Edge
Internet Explorer (IE) was the most widely used enterprise browser for the better part of two decades. IE was king because it shipped with every Windows device, and also for website compatibility reasons. As enterprises began deploying internal web applications from the late 1990s through the late 2000s, many of these applications required Internet Explorer, Java, or Flash. These enterprise web applications simply didn’t work properly on any browser other than IE.
Thankfully, most modern web applications deployed in the past five years are HTML5 compliant, do not have any Flash or Java dependencies, and run great on Chrome, Edge, or even Firefox.
Historically, most web exploits over the last 15+ years used vulnerabilities native to IE or the ActiveX plugins in IE such as Java and Flash. Safeguarding organizations against these exploits is nearly impossible given the legacy architecture that IE and ActiveX was built upon.
Modern browsers to the rescue
IE was written using legacy architecture that’s now decades old. Modern browsers such as Chrome and Edge were written from the ground up with security in mind. This does not mean that Chrome and Edge cannot be exploited. However, Chrome and Edge exploits are rare and harder to execute compared to IE, Java, and Flash.
2018 is the year of Windows 10. By the end of 2018, Windows 10 will outnumber Windows 7 in the enterprise. This is a good thing, considering that Windows 10 is far more secure, and most users on Windows 10 now use Chrome or Edge (mostly Chrome).
Now that the more secure Chrome is the browser king and most users are running Windows 10, does that mean we can finally close the coffin lid on Internet Explorer? Unfortunately, not yet.
Legacy applications refuse to die
Remember all those legacy internal web applications that were built upon IE, Java, and Flash technologies? Well, they are still alive and well in most large enterprises. Nearly every large company I talk to still has pockets of old web applications that users need to access. So IE is still supported as a browser in most enterprises, even after migration to Window 10. Unfortunately, even on Windows 10, IE running Java or Flash is still a major security risk.
Bromium micro-virtualization to the rescue
How can you let users access legacy web applications with IE, Java, or Flash on Windows 10 while also protecting them? Bromium micro-virtualization! With Bromium Secure Platform running on Windows 10 (Windows 7 and 8.1 are also supported), you can run IE and legacy versions of Java, Flash, and other IE plugins to support your internal web applications.
However, whenever a user visits an external website, Bromium will seamlessly isolate the IE tab, along with all the legacy plugins, inside a micro-VM. Should a website attempt to exploit a vulnerability within IE or its legacy plugins, the exploit will be fully isolated away from your Windows device. No one has ever been able to break out of a Bromium micro-VM, so you can continue to safely run IE with confidence and peace of mind.
What About Chrome and Edge?
Chrome and Edge are more secure by design, so malware authors are focused on tricking end users into downloading and executing malicious files. Chrome and Edge do nothing to prevent a user from downloading a malicious Word document, executable, or zip archive containing a malicious payload. This is where the Secure Files feature of Bromium Secure Platform steps in to protect Chrome and Edge by placing risky file types downloaded from the Internet into a micro-VM. Bromium fully protects and isolates executables, scripts, Office documents, PDF documents, archives, and many of the other risky files that users download from the Internet.
Finally, for our most security-conscious customers who need to protect against zero-day Chrome or Windows kernel exploits, we also have the Bromium Secure Browser, which is a part of the Bromium Secure Platform. The Bromium Secure Browser is a Chromium-based independent browser that allows any Internet website to run securely in a micro-VM.
Stay tuned for future articles discussing the Bromium Secure Browser in more detail!
Contact Bromium to learn more.