CyberArk, the identity security company, today announced the general availability of CyberArk Secure Browser, the industry’s first identity-centric secure browser, providing enhanced security and privacy alongside a familiar, productive user experience.
Backed by intelligent privilege controls and simple to deploy across devices, CyberArk Secure Browser is purpose-built for a cloud-first world, providing secure, consistent access to both on-premises resources and SaaS applications. It allows unprecedented visibility, control and governance for security teams, helping to prevent the malicious use of compromised identities, endpoints and credentials both at and beyond login.
Secure Browser is a component of the CyberArk Identity Security Platform, enabling secure access for any identity — human or machine — to any resource or environment from anywhere, using any device.
“Increased usage of remote access, SaaS applications and cloud infrastructure created a security blind spot for us, prompting a rethink of our security posture and investment in tools to secure unauthorized access to critical assets via our distributed workforce,” said Chris Dove, Enterprise Architect, California Department of Finance. “Adding CyberArk Secure Browser to our existing CyberArk deployment will allow us to strictly enforce security policies without sacrificing productivity. We will be better able to safeguard our data, making sure employees can only access work systems through a secure, isolated browser that rotates passwords and keeps them from being saved – and potentially stolen.”
A March 2024 study of US office workers further highlights the browser-based cybersecurity risk exposure faced by organizations:
- 78% use the same device to access company-confidential and sensitive information as they do for personal browsing
- 65% said that they need to violate organizational safe browsing policies to perform their role (12% “always” violated policies).
- 59% save workplace logins and passwords in the web browser used to perform their job.
- Most employees aren’t practicing safe browsing habits
- 74% said that they violate organizational safe browsing policies to perform their role
- 60% of respondents don’t have MFA as part of their workplace security team’s safe web browsing policies
- The most common types of sensitive data that employees have access to are customer records, employee salaries and sales forecasts.
- Chrome is the most popular web browser, with almost half (49%) of respondents reporting that as their workplace’s required browser
- Employees are using work devices for personal reasons and sharing passwords across both devices.
-
- Almost all respondents have used work devices (phones, laptops, tablets and desktop computers) for personal reasons, and more than three-quarters (78%) admitted to using the same workplace device to access confidential information at work as they do for personal browsing.
- More than two-thirds (68%) of respondents admitted to using the same passwords for both workplace and personal applications, and 25% save both personal and workplace passwords in their workplace’s web browser.
- 35% of respondents use their work device for online banking and other personal financial-related activity, despite the fact that 40% are most concerned about payment fraud when it comes to digital scams. Even further, two-thirds of respondents are not confident in their organization’s ability to defend against payment fraud.
Available to customers of the CyberArk Identity Security Platform, CyberArk Secure Browser safeguards the organization’s most valuable resources, enabling a secure passwordless experience, easy access to privileged information and assets and helping to prevent breaches resulting from cookie theft and session takeover attacks.
Recent major security breaches and new research from CyberArk Labs demonstrates how easy it is for techniques like cookie theft to give threat actors unauthorized access to sensitive data and assets, completely bypassing authentication tools. Secure Browser can ensure that there are no cookies to steal.
CyberArk Secure Browser Addresses Key Enterprise Cybersecurity Challenges
- Secures all access – including privileged and sensitive access – from the browser
- Fully integrates with the organization’s entire Identity and Access Management and security architecture
- Provides a secure and safe way for users to access corporate resources from their own or unmanaged devices
- Separates work and personal applications and domains
- Enables easy, quick resource access for all user types, including high-risk groups
- Streamlines ability to meet regulatory and audit requirements
“The proliferation of SaaS apps, cloud-native resources and business-critical applications that are accessed from the browser introduce new and significant risks that attackers have been quick to take advantage of,” said Matt Cohen, CEO, CyberArk. “Traditional access management approaches lack the right controls at the edge to be able to see and secure the complete identity journey, end-to-end. We are excited to deliver an enhanced enterprise browser that boosts productivity and layers on additional security and privacy controls to the most frequently used application in most organizations. This is just another example of how CyberArk is extending identity security to all users no matter how they access sensitive data and assets.”