The functionality of today’s browsers rivals that of personal computers of just a few years ago, so ManageEngine, the systems management arm of Zoho Corp., is giving them a comparable level of security.

The company today is launching Browser Security Plus, a security tool that lets administrators configure and manage browsers to protect against malicious plug-ins, JavaScript attacks and other forms of online nastiness.

As browsers have increasingly acquired local processing capabilities in recent years, they’ve also become more attractive to cybercriminals. Browsers accounted for more than 23 percent of exploits in 2017, according to AO Kaspersky Lab. They’re also a favored target for cryptomining, which is the fastest-growing form of malware.

But although most organizations wouldn’t dream of putting PCs on their network without a full suite of antimalware protection, browsers are typically protected by nothing more than a network firewall, said Raj Sabhlok, Zoho’s president. “For the most part, browsers are wide open,” he said.

That’s despite the fact that most malware enters an organization through browsers and spreads to PCs. For example, phishing attacks, which hit more than three-quarters of businesses last year, typically begin with a link in an email that, when clicked, installs malware on the host PC.

ManageEngine said it can protect against phishing and any other trouble that begins in the browser. “Everything that you can control from browser settings we can control centrally and lock down,” Sabhlok said. “We give you a unified console for managing multiple browsers so you can set configuration standards and push them out to all devices.”

Currently available only on Microsoft Windows PCs, Browser Security Plus works with Chrome, Firefox, Internet Explorer and Edge, which collectively make up about 90 percent of desktop browsers, according to StatCounter. Information technology organizations can create their own policy templates or use built-in default templates that comply with the U.S. Department of Defense’s Security Technical Implementation Guidelines as well as standards set by the Center for Internet Security.

The engine, which is deployed on a company’s internal network, monitors individual devices on the network and identifies all installed browsers on each. Browser configurations can be grouped and managed by policies, and IT can centrally provide and revoke access to add-ons, plug-ins and browser extensions.

Individual websites and extensions can be blacklisted or whitelisted. As an extra layer of protection, the software provides for a virtual “sandbox,” so that unknown or suspicious sites can be viewed without threatening the host computer or network. Similarly, JavaScript code can be isolated in the virtual browser.

The service is priced at $12 per year per desktop license. A free edition is also available for organizations with 25 or fewer computers. ManageEngine said it plans to add support for macOS, Chrome OS and other operating systems in the near future.

Image: ManageEngine