HTML5 has also created a thriving
ecosystem of browser extensions that
improve the user experience. Thousands
of extensions are available for Chrome,
Firefox, Edge and other HTML5
browsers. With extensions, users don’t
install full-blown software components
on their devices. Instead, extensions
install directly in the browser, typically
enhancing the browser interface rather
than introducing an additional UI. In turn,
end users can install and use extensions
on their own, without IT support.
Browser endpoint challenges
With browsers at the centre of so much
corporate activity, they are now subject
to many of the same challenges that
face desktops, smart phones and other
hardware-based endpoints. The first
challenge concerns leaking sensitive
corporate data. For example, many end
www.intelligentciso.com
|
Issue 06
users wind up using the same browser
– on the same computer – for personal
and professional purposes. Personal
email, banking and shopping are just a
few of the unauthorised applications that
can compromise sensitive enterprise
data as well as personal information.
Typically, such applications aren’t
monitored and don’t meet corporate
security standards and data is subject to
loss or theft as a result.
Second, the number of surface
attacks grows along with the number
of extensions users install in their
browsers. Those extensions can read
all the data exchanged between the
device’s browser and the back-end
server. While end users think the
extensions are secure, they can leave
users and their companies at risk of
cryptojacking, ransomware, phishing
and other malware attacks that target
one computer and then spread to other
systems in the corporate network.
Finally, most companies are going
to manage a hybrid application
environment that combines HTML5
and legacy technologies. Not every
enterprise application is going to move
to the cloud immediately. Rebuilding and
redeploying apps takes a lot of time.
For many organisations, both types of
applications will be used at the same
time. That’s just a fact of corporate
life. Take Windows 10, for example. It
launched in 2015 and Windows 7 still
plays a critical role in the enterprise.
It’s worth pointing out that, when
it comes to browsers, ‘legacy
technologies’ includes HTML4.
The majority of the enterprise web
applications use HTML4 technology,
which hasn’t changed much over the
95