Monthly News International
Browser Security: More browsers entail less security
Today, the web browser is used for accessing a multitude of applications and information resources; this development is further driven by the trend towards cloud services and social media, making the web browser an increasingly important aspect of corporate security considerations.
Experton Group has conducted a three-year analysis, based on multiple sources, to determine the impact of vulnerabilities of various browsers. As this research has revealed, unauthorized system access and disclosure of sensitive information are clearly the most common vulnerabilities by far, followed by the circumvention of security mechanisms, cross-site scripting and spoofing.
Many of the older browser versions are not suited to provide protection against current threats. Browsers that have not been patched completely even increase a company’s vulnerability unless alternative security measures are taken. The parallel usage of multiple browsers increases exposure to attacks and vulnerabilities and makes it even more difficult to remedy known security vulnerabilities.
Experton Group recommends the following browser security measures:
- It is imperative that rights to download and execute software and plug-ins are managed carefully.
- Ensure that browsers and workplace systems (clients) are configured with appropriate care.
- Implement and enforce patch and vulnerability management.
- Increase the security awareness of users and enforce respective behavior.
- Pursue a browser strategy if the relevant existing web applications are supported by the standard browser.
- Migrate to „new“ browsers, for instance, browsers that provide sandboxing functionality and state-of-the-art security and privacy settings.
- Use virtual browsers as transitional solution for multi-browser environments.