From an software perspective, internet browsers have develop into a type of OS inside an OS. With the introduction of agentic AI capabilities throughout the browser (simply take a look at what Perplexity, Opera and, to some extent, Google and Microsoft are doing), they’re changing into extra entrance and heart to organizations. This is not new, in fact. Browser-based app utilization has been rising for years, and analysis I carried out just a few years in the past signifies that the common group makes use of 87 browser-based apps.
That is to not low cost Home windows apps — that very same analysis challenge measured the common variety of Home windows apps at 105 per group. Nevertheless it does present that the browser can not be handled as one Home windows app. It is an extensible working surroundings that itself runs dozens of apps. It has hooks into the underlying OS, however for a lot of customers, the browser is the working surroundings, and the OS is simply the runtime wanted to ship the browser.
And that is earlier than we even take into account extensions!
Over time, browsers have opened up APIs that permit builders construct plugins and extensions so as to add performance, automate duties and join internet apps collectively. This has advanced right into a parallel app ecosystem contained in the browser. Every extension can carry its personal set of permissions, integrations and knowledge entry. Some have full visibility into each web page a consumer visits. Others can learn and write clipboard knowledge or work together with credentials. It is highly effective, nevertheless it’s additionally a messy patchwork of third-party code operating alongside your company internet apps with little central oversight.
What this implies for IT and safety groups
This has main implications for IT and safety groups, and we have chosen to cope with this in some ways through the years. Traditionally, the way in which to wrap safety across the browser and particular purposes was to make use of desktop virtualization that permit the browser run in a distant location on a tool that had tightly managed safety. After all, it is overkill to make use of a full desktop virtualization platform to deploy internet apps, which led to the emergence of bespoke distant browser isolation (RBI) platforms that specialised in delivering, managing and securing browser apps.
RBI instruments use comparable ideas to desktop and app virtualization. The browser runs on a safe, distant VM, however the browser’s UI is isolated to the tip consumer’s bodily system. After all, RBI additionally suffers from the identical drawbacks as desktop and app virtualization — latency points that seem in display screen rendering, extra transferring elements, and so forth.
On the opposite finish of the spectrum is the enterprise browser. This can be a managed browser constructed particularly for company use (versus a client browser, which is what most browsers are immediately). The place RBI secures by isolation, enterprise browsers are a brand new browser deployed as a neighborhood software, however with centralized administration that introduces insurance policies, visibility and management. This has the advantage of operating domestically and including a administration layer on prime of the “OS inside an OS,” but additionally provides to the variety of apps deployed domestically, whereas additionally altering the browser that customers are accustomed to.
Between the 2 extremes lie a number of instruments that use present browsers and give attention to browser and extension administration, telemetry, UX and different options.
The entire approaches intention to reinforce safety and administration capabilities in order that IT can configure and implement guidelines like entry management, knowledge safety, clipboard, obtain behaviors and extensions.
A glance forward
With so many apps — and so some ways to handle and safe them — the browser has develop into one of the crucial dynamic areas of IT. It touches identification, knowledge safety, productiveness, and now AI. And as AI strikes from being a characteristic of particular person internet apps to an embedded, agentic functionality throughout the browser itself, the browser is ready to develop into much more central to how customers work, to not point out how organizations should take into consideration governance.
Keep tuned! That is an space I will be specializing in this 12 months alongside my colleague John Grady, who covers community safety and examines browser safety via a zero-trust lens. Within the coming months, we’ll be conducting analysis into how organizations are approaching browser administration and safety immediately — what’s working, what’s difficult and the way AI would possibly reshape the equation. I am unable to wait to share what we study.
Gabe Knuth is the principal analyst protecting end-user computing for Omdia.
Omdia is a division of Informa TechTarget. Its analysts have enterprise relationships with know-how distributors.
