One of the biggest mistakes I see large enterprises doing is blocking extensions entirely instead of developing a whitelist. It encourages "shadow IT", where users will find ways around corporate...
One of the biggest mistakes I see large enterprises doing is blocking extensions entirely instead of developing a whitelist. It encourages "shadow IT", where users will find ways around corporate blocks (so many are weak) and then have extensions installed on corporate hardware/networks that can lead to situations like this.
Taking Chrome for example, allowing user sign-in only on a corporate domain email account, only allowing a select list of extensions, and then (most importantly!) having a simple process to let users simply ask about adding more to the whitelist goes so far to stopping this from happening.
One of the features I liked about sophos' enterprise suite was it made it incredibly easy to manage the browser extensions for all of the users, including installing/removing/updating them across...
One of the features I liked about sophos' enterprise suite was it made it incredibly easy to manage the browser extensions for all of the users, including installing/removing/updating them across all managed systems. Took me just a couple hours to vet and build just such a whitelist.
I appreciate all the good work Krebs has done, but this seems more like "The case for vetting your browser extensions." Would the exact same headline appear in an app store story: "the case for...
I appreciate all the good work Krebs has done, but this seems more like "The case for vetting your browser extensions." Would the exact same headline appear in an app store story: "the case for limiting your iPhone/Android apps"?
One of the biggest mistakes I see large enterprises doing is blocking extensions entirely instead of developing a whitelist. It encourages "shadow IT", where users will find ways around corporate blocks (so many are weak) and then have extensions installed on corporate hardware/networks that can lead to situations like this.
Taking Chrome for example, allowing user sign-in only on a corporate domain email account, only allowing a select list of extensions, and then (most importantly!) having a simple process to let users simply ask about adding more to the whitelist goes so far to stopping this from happening.
One of the features I liked about sophos' enterprise suite was it made it incredibly easy to manage the browser extensions for all of the users, including installing/removing/updating them across all managed systems. Took me just a couple hours to vet and build just such a whitelist.
I appreciate all the good work Krebs has done, but this seems more like "The case for vetting your browser extensions." Would the exact same headline appear in an app store story: "the case for limiting your iPhone/Android apps"?