Wednesday, December 15, 2021

Modernize security with Microsoft Edge and IE mode

Are you ensuring your organization is secured with a modern web browser? On June 15, 2022, Internet Explorer 11 (“IE11”) desktop application will retire and go out of support for certain versions of Windows 10. With the rise of phishing attacks and users spending 60% of their time in the browser while on a PC, the browser is an important vector to consider in your organization’s Zero Trust strategy. The shift to remote and hybrid work has increased our reliance on web applications, both modern and legacy, that are critical for business productivity and success. This means that choosing the right browser for your business is crucial in defending against the evolving threat landscape. Microsoft Edge is a more secure browser than Chrome for businesses on Windows 10 and 11, making it the best browser to meet your security needs.

Move to a modern browser to protect against vulnerabilities from legacy sites and apps

Security is the top concern that drives IT admins to modernize apps in their organizations. Yet, modernizing apps is not a small feat in digital transformation. A commissioned Total Economic Impact™ survey of 40 enterprise decision-makers conducted by Forrester Consulting on behalf of Microsoft in early 2021 found that organizations have an average of 1,678 legacy web apps that need IE. Even if you have security top of mind, modernizing this volume of apps can seem overwhelming. With Microsoft Edge and IE mode, you don’t have to modernize your many legacy sites and apps immediately. IE mode is the key steppingstone in modernization -- modernize your browser to Microsoft Edge and set up IE mode first, then take the time needed to plan and pace out your legacy web app modernization. IE mode in Microsoft Edge is supported through at least 2029. So when you configure IE mode, you are giving yourself an 8-year runway to modernize those legacy apps.

Base: 40 decision makers responsible for application modernization. Source: a commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Microsoft, January 2021Base: 40 decision makers responsible for application modernization. Source: a commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of Microsoft, January 2021

Getting your users to use a modern browser with modern protections is ideal. But bridging across modern and legacy apps is your reality. This is where IE mode can help. IE mode helps you to address security because it is designed to manage access to untrusted sites. IE mode uses an "allowlist" where you identify the trusted sites that are permitted to use the legacy engine. Any site that's not on the trusted list automatically opens using the modern engine for the safest browsing experience. With IE mode, you control which sites render using the legacy engine, and when the user navigates to any other site, Microsoft Edge will automatically switch back to the modern engine. The average user has no idea that their choice of browser has security implications. Users are unlikely to remember to use a legacy browser only for legacy sites and to switch to a modern browser for modern sites. An organization’s security shouldn’t rely on users to remember which browser to use when. Rely on IE mode instead for modern security protection for vulnerable legacy apps. Microsoft Edge is the only browser that can render both legacy and modern sites as a single browser experience. From the users' perspective, it's simple. They just use one browser—Microsoft Edge with IE mode configured—to seamlessly open whatever site they're trying to access, whether it's legacy or modern. To learn more about technical security differences between IE mode on Microsoft Edge and IE security, see this doc.

Modern patching cadence is another huge benefit of modern browsing. Customers such like GlaxoSmithKline (GSK), a global pharmaceutical firm with over 130,000 employees, set Microsoft Edge as their default browser earlier this year to improve security and simplify their IT environment. With Microsoft Edge’s dual engine advantage, GSK continues to run critical legacy apps and sites across 92 countries, right alongside modern ones. “We could migrate all our users to a modern browser platform with seamless access to our existing sites. And there was no change of behavior required for our end users. The sites worked exactly as they did before—all the links still worked, and the favorites were all still in place.”, mentioned by John Saenz, Head of Modern Workplace at GSK. The built-in updater also provides a much faster security update cadence, reducing response times to days rather than weeks or months. “One browser that does it all”, is how Michael Freedberg, Director of Modern Workspace Engineering at GSK, describes Microsoft Edge. Read more about GSK’s experience here.

Similarly, Bundesagentur für Arbeit (BA), the German federal employment agency, sought to consolidate its web apps, and standardize on a single, more secure, and modern browser. They had many legacy apps and were actively serving citizen customers during a pandemic. Microsoft Edge was the one browser that met their needs to keep legacy apps running and fulfill the requirements of the security arm of their IT team. The security arm of the IT team at BA took a close look at Microsoft Edge and after modifying some policies, the new browser passed all of their checks. BA developers, too, appreciate speedier development, a powerful tool set, and a more secure environment. IE mode brings the benefit of compatibility with business-critical websites, while eliminating the need for developers to support the IE browser as they build new websites. Ronny Intrau, Browser Product Manager at BA, points out, “Edge gives developers more time to get the job done in planning for the future of the modern web.” Read more about BA’s experience here.

Highest-rated protection against phishing and malware

Comparing the phishing and malware block rates for Microsoft Edge, Google Chrome, and Mozilla FirefoxComparing the phishing and malware block rates for Microsoft Edge, Google Chrome, and Mozilla Firefox

Phishing and malware are some of the most common attacks targeting users in an organization. In fact, phishing is responsible for almost 70% of data breaches, according to the Microsoft Digital Defense Report. Phishing websites impersonate a myriad of online services, and users give away credentials unwittingly. The phishing sites are known to copy legitimate login pages to trick users into inputting their credentials. Once the user inputs their credentials, they will often be redirected to a legitimate final site, leaving the user unaware that bad actors have obtained their credentials. Without the right layers of protection, a simple user error can open the door to leakage of confidential business information. Once you modernize your browser to Microsoft Edge with IE mode, you can continue to make use of your legacy sites and gain the benefits of modern protection for your organization and users.

According to an independent study from conducted in Q2 of 2021, Microsoft Edge leads in protecting against phishing and malware. The study ran a total of 160 tests, 80 for phishing and 80 for malware, for 20 days. Throughout the tests, new phishing and malware URLs were added daily to measure the browsers’ ability to block malicious URLs. Engineers repeated these tests every six hours to determine how long it would take a browser vendor to add protection if they did at all. Each browser’s overall block rate was measured and calculated as the number of successful blocks divided by the total number of test cases.

Results from the tests revealed that Microsoft Edge SmartScreen blocked 92.3% of phishing attempts and 97.4% of malware attempts compared to Chrome's Safe Browsing rates of 84.6% and 86.3%, respectively. Microsoft Edge has been robustly tested and is shown to offer the highest rated protection against phishing and malware.

Modernize your security today. Microsoft Edge, the browser for business, is designed with organizational security and management in mind. If you have critical business applications that have IE11 dependencies, equip your users with a secure and modern browser by starting your transition to Microsoft Edge today. Join us for a webinar on how to ready your organization for IE retirement before June 15, 2022.

Continue the conversation. Find best practices. Visit the Windows Tech Community.

Stay informed. For the latest updates on new releases, tools, and resources, stay tuned to this blog and follow us @MSWindowsITPro on Twitter.

Posted at