The Register Guide on how to stay anonymous (part 3)
Browser privacy at work
The iPhone Effect
Against this backdrop, Apple holds a very special position. iOS devices are among the most popular consumer devices in the history of IT. Their remarkable popularity is almost single-handedly responsible for the increased pressures of the consumerisation of IT. And yet, given Apple's stranglehold over the iStore they alone hold the power to dictate which browsers are allowed to run on this important segment of technology.
Apple simply does not allow alternate browsers to be set as default on their devices. Worse, those third party browsers it does allow must either be remote-proxy hybrid frankenbrowsers, or Safari/Webkit reskins.
Microsoft seems to have been infected by this attitude, locking down Windows Phone 7 against all third party browsers; any third party attempts must be IE based. Only time will tell if this position will change should Microsoft's mobile platforms continue to languish in irrelevance.
While all hope of a truly cross platform browser appears to be dead, there remains a necessity to mange and configure the browsers we do have available. Here at least, there is hope. Mobile Device Management (MDM) software exists for virtually every mobile device on the market.
Assuming one is willing to omit iOS and Windows Phone devices from the enterprise, it would theoretically be possible to use a single browser across the enterprise. With proper MDM software however, we should be able to configure not only the operating system, but various browsers as well.
The fading relevance of Active Directory
Browser security in the enterprise depends on manageability. IE running on Windows managed via Active Directory made for a great combination. This digital monoculture however represents a past era that will not return.
While Active Directory is still a useful authentication service, it must be supplemented by a number of third-party tools in order to cover the wide array of devices and operating systems in use in the real world. To properly secure browsers in the enterprise, we must move beyond the simple and familiar single point of configuration that Active Directory has represented for so long.
The future of enterprise security belongs to third-part management software. Several contenders exist. Some even offer both desktop and mobile management options. As yet however, there is no single application covering all devices in play.
Eventually, one of these developers will get ambitious and combine support for virtually all operating systems - mobile and desktop - with one of the many viable replacements for Active Directory. For now, we must rely on multiple management applications to secure browsers - and their associated operating systems - in our environments.
While the days of the homogeneous operating system - and browser - are well and truly behind us, there is still hope for a unified configuration and management environment in our future. ®