Securing a zero-day browser crisis with Catalyst

Posted by: Browsium Tags: , , Posted date:

The other day we got a recall notice in the mail for our car. We’re a one car family – trying to be eco-friendly – so taking in our car for service isn’t something we want to rush to do. But this notice was about a potentially (fairly) serious issue and the notice said we shouldn’t drive the car until it was fixed. While my wife and I were debating how to deal with this, it dawned on me how this issue is strikingly similar to dealing with browser security around zero-day exploits.

Many years ago when I managed IT organizations, we would get vendor notices concerning zero-day browser exploits and I’d convene our security, desktop, helpdesk, networking and administration teams to discuss how we should handle it. Invariably, the vendor suggestion was to stop using the product until the fix was available. That’s easy enough for them to say, but what about our business? Working with our finance team, we calculated that one minute of end user desktop downtime cost us nearly $1M in lost revenue processing. Intentionally taking any kind of productivity loss was unthinkable, but continuing to run this exposed software was risky. The web browser was mission critical to our business, so turning it off for all 500 employees was not a viable option and there was no reasonable alternative mitigation.

In the end we would make a decision based on risk tolerance, and that decision was always to keep the browser running and watch for security issues. Browsium Catalyst gives you a better option – limit use of the vulnerable browser AND keep the business running with an alternative browser. It does this by giving IT central control over multi-browser PCs.  Before Catalyst, there was no good way to manage user behavior with multiple browsers on the desktop. Users could choose which browser to use, often making the wrong choice – breaking compatibility or putting network security at risk.

We’ve already blogged about a variety of Catalyst features (with more to come), including last week’s post about Zone Management in Chrome and Firefox. Today the topic is managing security incidents, and Catalyst has several options that you can invoke to better deal with a zero-day browser crisis. You can use Catalyst to restrict which browser is allowed to access content for a given URL, website, keyword, or Security Zone. That means you can have Catalyst ensure a vulnerable browser isn’t exposed to external threats – for example you can restrict IE6 or IE7 (yes, we know you’re still running them…talk to us about Browsium Ion) to only the Intranet Zone and use Chrome or Firefox to access the Internet.

Another cool feature in Catalyst is the ability to ‘Close Tab’ when Rule conditions are met. Even if you want to remain a single browser shop, you can use Catalyst to mitigate the issue in the case of a zero-day. Simply set up a Rule to trigger on conditions you’re concerned about (like accessing the Internet) and users can’t browse anywhere during the crisis. Another option would be to use the ‘Redirect’ feature to stop the navigation and display a page explaining why users can’t see the content they are trying to access. Stop the users in their tracks and prevent any exposure before some rogue website has a chance to attack.

If you haven’t downloaded Catalyst yet, I invite you to test it out. Try the security approaches I covered here and give us feedback. Are there other scenarios we should add? Your input helps us deliver better products so this is your chance to get involved.

Back to my car issue, if you were wondering, my wife and I took the other approach with the car and had it towed in for service. We were limited to using only the Metro for a few days, but now every time we load the kids in the car, we’re very glad we made that call.

Matt Heller
Founder & CEO

  • Share:  

Recent Posts

ITOM for Browsers: Visibility, Security, Efficiency with Proton
Posted on: March 27, 2024
The Browser Blind Spot: Is Your IT Management Missing Critical Data?
Posted on: March 25, 2024
Enhancing Enterprise Efficiency with Advanced Browser Management Tools
Posted on: February 12, 2024

Blog Topics

ActiveX Advanced Solutions Application Modernization Application Sandboxing BCMS Upgrade Browser Compatibility Browser compatibility issues Browser Compatibility Testing Browser end of life (EOL) frustration Browser IT Management Browser Management Browser management solution Browser Management Tool Browser Performance Monitoring Browser Selection Automation Browser Telemetry Tool Browser-Based Applications Browsium Browsium Chrome Extension Browsium Extension Browsium Ion Browsium Proton Catalyst Centralize browser management Chrome Compatibility Compatibility Challenges Compatibility Layers Compatibility Strategies Compatibility Testing Cross-Browser Testing CVE-2021-44228 Deployment eBook Edge IE Edge IE Chrome Edge IE Mode Edge Legacy Edge Readiness Emulation Enterprise Browser Management Enterprise Browser Security Events Extensions File Swap Firefox Flash EOL Group Policy History Hotfix How-To IE 11 EOL IE End of Life IE EOL IE11 Internet Explorer End of Life Internet Explorer EOL Ion Ion v4.9.4 IT Business Strategy IT Challenges IT Landscape IT Solutions ITOM Java Java Applets Latest Version Legacy Application Compatibility Legacy Application Integration Legacy Application Regression Testing Legacy Application Strategies Legacy Applications Legacy Browser Applications Legacy Browser Compatibility Legacy Web Applications Log4shell Microsoft Cumulative Update Migration Mission-Critical Applications Modern IT Modernizing Legacy Applications Patch Tuesday Performance Preserving Legacy Applications Product Offerings Product Release Proton Remediation Sandboxing Legacy Applications Security Services Shadow IT Silent Heroes Silverlight Support Testing Modernized Applications Flash EOL Top News User Training Virtualization Web Application Compatibility Webinar Win10 Preview Release Windows 10 Windows 8 XP Usage Share

Request Demo

Internet Explorer End of Life problems?Learn More