Island Brings Enterprise Controls to Web Browsers
Working in an enterprise can often mean that you use software that’s specifically designed to handle the scale and security requirements of these large businesses. In recent years, however, many software suites have moved from being offered as native desktop applications to living on the web, to be accessed via a browser. According to Brian Kenyon, chief strategy officer at Island, this shift has translated into a lot of enterprises relying on software that was not made to handle their specific needs: the web browser.
“When you actually look at the browser, it was actually never built for the enterprise,” said Kenyon. “It was built for consumers and advertisers and content producers and creators. When we use it in a business, the reality is [that] the business doesn’t have visibility, doesn’t have control, and doesn’t understand what their end users are doing inside that application.”
As a result, Island has created what it calls “the world’s first Enterprise Browser,” which it says brings security control, visibility and governance to a space that is otherwise opaque and lacking in enterprise-grade security. Island’s enterprise browser is built on top of the open source Chromium browser, which serves as the basis for other popular browsers, such as Google’s Chrome and Microsoft’s Edge.
While Island is built with Chromium and so offers users a familiar experience, it differs in that its users need to authenticate upon opening the application. After logging in, Island authenticates the user with the company’s directory services and fetches a policy file that tells the browser what the user is allowed to do.
“We’re not actually asking organizations to rip and replace their browser. We can coexist right next to Chrome and Edge, and this is why we call it an enterprise browser. We actually integrate into the business at the iDP or identity level,” said Kenyon. “We can say, for this group of users, going into this application, they can only connect and use it with Island. If they try to hit it from Chrome or Safari or Firefox, they get this nice little page that says, ‘In order to access this application, you have to use Island.'”
Island is available as a native desktop application for both Windows and Mac and uses Chromium’s isolation capabilities to provide both process and memory isolation. With Island, companies not only get increased control over what the browser can be used for but also more fine-grained details, such as whether or not information can be copied and pasted — and if so, from where.
“If you blindly block, copy and paste, I think you’d have an end-user revolt. We give the fine-grain control to say, ‘you can copy and paste in this app, you can even copy and paste from Salesforce into Office 365,’ but if you try to pull it out of Salesforce and drop it into Notepad or something on the desktop, we have the granularity to allow or disallow that by policy,” explained Kenyon.
Kenyon pointed to credit card processing companies that had been forced to go remote during the pandemic as one example of enterprise operations that were able to move to Island to help with preventing data exfiltration. This sort of security is not the only purpose of Island, however. It can also be used to gather data on user behaviors or to assist with the onboarding of remote workers.
“Island can give that exact same control you had in the workplace directly inside your browser interface,” said Kenyon, explaining that users can easily download and install Island on their computer via a link sent by their employer. “It’s really enabled a very fast onboarding of those remote workers.”
The company further writes in a blog post that Island “can also reduce VDI dependency while also supporting built-in safe browsing, web filtering, web isolation, exploit prevention, smart network routing, and Zero Trust access.”
Looking forward, Kenyon said that he expects the release of an iOS version of Island within coming months, as well as support for non-web-based protocols — such as offering SSH inside the browser, or the ability to use remote desktop protocol (RDP).
“Doing that inside the browser gives the organization control back over it,” he explained. “What you’ll see us eventually do, as we earn the right to become the primary browser for a lot of these businesses around the world, we’re going to be rolling out module after module on top of it: the performance module, the timing module, the ability to do performance diagnostics.”