Secure remote browsers popped into our attention several times this year—Gabe wrote about the next generation of Ericom Shield, Symantec acquired Fireglass (now Symantec Web Isolation), and Jo Harder blogged for us about Citrix Secure Browser.
Remote browsers are straightforward enough, as they involve desktop virtualization concepts we’ve known and used for years. Websites are rendered in a remotely-hosted browser (the underlying platform can vary), and web content is delivered to the client via a remote display protocol. User access is through an HTML5 client, so the user experience should feel just like regular browsing.
There are many potential use cases, but number one is isolating local devices from the Internet in order to protect against malware, phishing, and ransomware. Other use cases include solving browser compatibility issues, off-loading web rendering workloads from endpoints, and providing secure remote access to on-premises web apps.
The use case that I’m most interested in, though, is using remote browsers to protect SaaS applications. Using identity management, a proxy, and conditional access, you can ensure that users only access SaaS apps through the remote browser. From there, you can apply DLP policies in the remote session (copy/paste protection, watermark, print controls, local storage control, etc.), as well as rest assured that the web app won’t leave any data behind in the local browser’s cache.
It’s probably my EMM background speaking, but to me, this sounds like the most innovative use case. It takes mobile app management and containerization concepts that came in vogue with the rise of enterprise mobility and BYOD and brings them to desktop browsing. In fact, I have always been a fan of similar solutions that involved local containerized browsers from Moka5 (which unfortunately never came to market) and from Good (now available as BlackBerry Access).
With the huge spread of SaaS and all the talk about cloud app security, conditional access, and cloud app security brokers in 2017, you would think that secure remote browsing would be in the mix, too. However, I just haven’t heard much talk about these products and this use case out in the wild. (Again, most of the marketing around remote browsers is about protecting endpoints from Internet malware.) Maybe that’s because the SaaS app scene is less familiar with remote display technologies, and are inadvertently or consciously shying away from them? Or perhaps it’s because BYO and dual-persona has never felt as urgent for laptops and desktops as is it does for mobile?
On the other hand, looking at the potential market more optimistically, perhaps secure remote browsers will find more usage in 2018 as SaaS grows even more and the products have more time to prove themselves at early customers. In addition, as I argued recently, the rise of the extended enterprise will open up more contractor and part time use cases that would also be perfect for secure remote browsers.
What do you think? Do you have any plans to use these products in 2018? Either way, they’re something that’s always struck me as a good idea, and I’ll be watching more next year.