For the longest time, it seemed as though Microsoft was just going to sit back and let Firefox crush it. Perhaps overconfident in Firefox's inability to be controlled through Group Policy on the enterprise level, Microsoft didn't think the Mozilla browser to be much competition. Boy, was it wrong. Google's Chrome (still in beta) is also getting some good buzz on the individual user front. But the Redmond giant has taken some serious steps to ensure it doesn't surrender more of market share in the Browser Wars.
For one thing, Microsoft has been focusing intently on compatibility with Web standards -- I know, not a traditional Microsoft tactic, but a wise one on the company's part. In addition to simply passing the independent Web Standards Project group's Acid2 test, Microsoft's goal with IE 8 is to fully support the World Wide Web Consortium's CSS 2.1. For developers, this means Web sites developed to comply with standards will be compatible across multiple browsers, including IE.
[ Read more about IE8's privacy features. Also, is the browser too bloated for its own good? ]
But what about the enterprise world? Well, that world may encompass a variety of different user types from those who sit at a desk all day long to those on the go. From the traveling user (one who may be using IE on shared or public computers), there is a new InPrivate Browsing mode. Suppose you sit down at an Internet cafe and need to perform a variety of private tasks (such as logging in to your online e-mail or OWA to your company e-mail): You use InPrivate Browsing mode, and your data from that session will not be saved.
As for in-house protection, IE has come a long way in terms of protecting people from security risks. In fact, when working in conjunction with Windows Vista, IE is even more secure than Firefox and Chrome because the OS itself is assisting in the protection process. Data Execution Prevention (DEP) is on by default with IE 8, and when working with Vista SP1, it can prevent damage to your systems from viruses and other malicious code because it prevents the code from writing to executable memory space.
IE 8 includes stronger warnings for users through a feature called the SmartScreen Filter. IE 7 tried to protect us with some strong warnings, but the SmartScreen Filter turns the address bar red and reddens the background screen -- really stopping users and making them think before they continue to harmful content. Other security features are included, such as Domain Highlighting, which will help you to clearly see if an address is a trick (i.e., www.m1crosoft.com, as opposed to www.microsoft.com). In terms of control over your users, Group Policy has also received improvements with IE8. With the new administrative template for IE 8, you can lock down nearly all browser settings.
IE 8 isn't earth-shattering by any means -- and that is actually a good thing. We don't need explosively new ideas in the enterprise world. We need functional, secure, controllable software. On top of those features, IE8 attempts to enhance our browsing experience with features such as accelerators (which give you access to online services you use each day with a single click), enhanced navigation (including Tabbed Groups), promised performance increase, improved favorites and history management, Web slices, and instant search and "Find On Page" feature improvements.
Now before we count out Firefox and Chrome, let's be honest: Some of these features I discuss here are already in Firefox and Chrome. For example, Chrome's safe browsing alerts have the same red background warning messages. Tabs can dynamically moved around or pulled into their own windows. Search features are top of the line (as you would expect from a browser from Google), including an address bar that assists with searching and Web history, all in one box.
But on the negative side, Chrome is written to bypass restricted write areas in Windows XP systems; thus, users are actually able to install the browser all by themselves in an enterprise. A good thing? Absolutely not! Admins usually prefer to control the installation of software within their environment. If you need to prevent users from doing this, you can set Group Policy to block the three main files that Chrome installs on systems (a setup file named chromesetup.exe, an executable named chrome.exe, and Windows Installer file named gears-chrome-opt.msi). Just the fact that Chrome is designed to ignore a basic principle of network security makes me leery of what other security issues are present.
What about Firefox? Well, the standard admin line used to be "Yeah, Firefox is cool at home, but here in the office, we need to be able to lock it down with Active Directory Group Policies -- and we can do that with IE for free." Well, you might want to check out FrontMotion's Firefox Community Edition that offers, for free, the ability to enforce settings across your organization through Active Directory using administrative templates -- similar to locking down settings with mozilla.cfg on one computer. Check it out at www.frontmotion.com/firefox.
The Browser Wars are alive and well. The good news for us is that Microsoft, feeling the pinch of competition, has started to throw some of its brainpower behind software enhancements. Nothing stalls software improvements like a monopoly -- and nothing kick-starts it again like competition. We have much to thank the folks at Mozilla for.