Application security, Cloud Security

Enterprise browser aims to offer secure access to legacy Internet Explorer apps

Internet browsers are seen on a computer screen

Enterprise browser company Island on Wednesday announced it was offering the ability for companies running legacy Internet Explorer (IE) apps to access them for an extended period of time before transitioning off IE.

Many organizations, especially in the healthcare, manufacturing, and state and local government sectors are in a bind because Microsoft ended support for IE on June 15, 2022. An enterprise browser adds a security layer at the browser, offering a way to control what the user can do when accessing applications from within the browser. By offering tight integration with IE, Island aims to solve the access issue for organizations — and promises added security.

As of 2022, there were an estimated 28 million IE users. Moving forward, Microsoft is encouraging customers to use Microsoft Edge in IE mode, which the software giant said it will support until at least 2029.

While both Island and Edge offer IE compatibility mode, Island's Chief Strategy Officer Brian Kenyon said what sets Island apart is its policy engine.

“If you were using Island at your company, you could say, 'Here’s the sites I will allow you to go to, here’s the data I will allow you to gather, here are the elements you are allowed to copy and paste, so you can have full control of what an end user is allowed to do inside the application,'” said Kenyon. “This gives our customers the ability to run those legacy apps just as they would in IE. They can go all the way back to IE 5, which gives them flexibility and time so they can think how they want to upgrade.”

Michael Suby, a research vice president in IDC’s security and trust group, maintained that the announcement is in line with Island’s strategy of looking for niche use cases. Suby considered today’s news a tactical move on the part of Island to offer access to legacy IE apps versus Island’s core value proposition as an enterprise browser.

“What they are solving for the customer is they don’t have IE to access their apps, they need something that works,” explained Suby. “Island comes in and says, ‘I can solve your problem and do these extra things as well, the visibility, the policy control.’”

Suby said any enterprise considering Island would trial it with users as an alternative to IE and see if the user experience measures up. More than likely, Suby said an organization would need to prove that Island performs as promised before they would deploy Island enterprisewide.

“They would say: ‘Let’s try Island, let’s confirm that it gives us what we need, and then we’ll make a decision about expanding,’” said Suby.

Dave Gruber, a principal analyst at Tech Target’s Enterprise Strategy Group, said at this point, he has not seen any other vendor offer this level of integration with IE in the enterprise browser market — but that could soon change.

“Other enterprise browsers offer many of the capabilities Island offers,” Gruber said. “This is a fast-moving space and the competition is heating up.” Gruber noted that other players in the enterprise browser category include Talon, Seraphic, Appaegis, LayerX, Red Access, and Google BeyondCorp.

There are many legacy browser-based applications that are difficult and potentially costly to migrate to newer platforms, said Ivanti's Chris Goettl.

For some applications, Goettl, the vice president of product management for security products at the Utah-based software company, said it may be a matter of another 12 months to 18 months until they retire the application. For others, it could require a long-term solution for an application that just isn’t worth migrating, but may have a long wind-down period.

“There are niche use cases like a legacy application that are ideal for this type of experience, and if Island can provide a seamless user experience to transition between regular browsing and work activities and applications that require the more secure experience, they may have eliminated one of the two barriers to secure browsing experiences,” said Goettl. “The cost would then be key. Is the cost of Island less than the cost to migrate these legacy applications to a new platform? If so, then their addressable market could be small. If not, then they could have a lucrative niche market to target at least for a while.”

While continuing to use products that have reached end-of-life is never a good strategy, Viakoo's Bud Broomhead said it may make sense for some organizations as part of transitioning to newer and safer products.

“While the IT community has moved on from IE, many business-critical non-IT functions are still reliant on it,” said Broomhead, chief executive officer of the Mountain View, California-based Viakoo. “Those organizations often lack the funding and IT skills needed to make large technology transitions happen — therefore making products like Island attractive in the short term until the budget and skills gap is addressed. 

"The problem of obsolete or end-of-life products still existing in businesses is not just limited to the IE browser," Broomhead continued. "Vast numbers of IoT/OT devices existing past their end-of-life data for the simple reason that they are still working and there's neither budget or staff to make replacing them a priority. That’s partly why IoT/OT, older software like IE, and older operating systems in general are among the largest and fastest growing parts of the attack surface.” 

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds