Gartner Predicts 25% of Organizations Will Use Secure Enterprise Browsers to Enhance Remote Access and Endpoint Security by 2028

By 2028, 25% of organizations will augment existing secure remote access and endpoint security tools by deploying at least one secure enterprise browser (SEB) technology to address specific gaps, according to Gartner, Inc.

Threat actors frequently target employees with phishing attacks to steal credentials and bypass endpoint detection and response controls, necessitating an additional layer of visibility and control within the web browser.

“Web browsers are the primary access method for most modern corporate applications and provide an endpoint-agnostic enterprise security control point,” said Max Taggett, Sr Principal Analyst at Gartner. “Security leaders can use a SEB to reduce risk and improve the digital experience.”

Currently, Gartner estimates that less than 10% of organizations have adopted a SEB. Organizations that primarily rely on SaaS applications, with minimal branch locations or cyber physical systems to secure, need a simpler method of managing security technology than traditional security stacks. SEBs fulfill that need.

In addition, SEBs enable segmented access from unmanaged or lightly managed end-user devices and bring-your-own PC, where deploying endpoint agents would be inappropriate due to privacy or maintenance reasons.

“SEBs embed enterprise security controls into the native web browsing experience using a customized browser or extension for existing browsers, instead of adding bolt-on controls at the endpoint or network layer,” said Evgeny Mirolyubov, Sr Director Analyst at Gartner. “SEBs also enable segmented access to SaaS applications tunneled directly from web browsers, minimizing the need for full endpoint agents and tunnels.”

Organizations deploying SEBs can:

• Enforce enterprise security policies and gain web traffic visibility without requiring in-line decryption, potentially improving application performance and latency.
• Support the transition from legacy client applications to modern SaaS application delivery.
• Complement or reduce reliance on VPNs and VDIs, and desktop as a service for organizations prioritizing remote or third-party work and cloud delivery.
• Augment antiphishing and credential theft protection capabilities, such as protection against reuse of corporate credentials on unauthorized or phishing websites, on devices where browser usage is restricted to selected SEBs.
• Enhance visibility and reporting of web application usage, performance and employee behavioral analytics for lightly managed or unmanaged devices, and for organizations without a mature DEX strategy.

Gartner clients can read more in "Innovation Insight: Secure Enterprise Browsers." 

Gartner Security & Risk Management Summit

Gartner analysts will present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits, taking place June 9-11 in National Harbor, MD, July 23-25 in Tokyo, August 5-6 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X using #GartnerSEC.