Slashdot Mirror

← Back to Stories (view on slashdot.org)

Enterprise-wide Browser Upgrades, IE, and Patching?

Posted by Cliff on from the between-a-rock-and-a-hard-place dept.

newkid asks: "Our company needs to upgrade its standard browser, a difficult decision when we factor security, compatibility and the logistics of actually doing it. For compatibility, Internet Explorer is required by internal applications like IBM Tivoli Storage Manager, so we have to keep it. On the security front, expert bulletins keep ranting every week about the latest gaping holes in IE but nobody really seems concerned: for example, many on-line banking services only work in IE, and they don't check for patches. Meanwhile, users do not care, as a large portion of the traffic still comes from IE 5.5, a version discontinued by Microsoft. As for logistics,the software distribution technology and the cost of patching both make the project much larger than we can undertake this year. Our two options are: roll-out IE without patching, or roll-out IE and Netscape, but lock IE so it can only surf on intranet sites, and update NS with rsync or Ant. What is your company doing? What is your strategy? How serious are the security threats? What are the documented security breach caused by IE? We need a reality check."

5 of 53 comments (clear)

  1. Mozilla by Cokelee · · Score: 5, Insightful

    Why can't you install Mozilla on a couple of shares and update them. It doesn't have to be on a local machine, and most internal networks remain fairly idle. (The other 60+mbps not being using by an external source.)

    On a very different note: these machines are running Windows, right? Why the security concern over IE?

  2. Easy by 4of12 · · Score: 3, Insightful

    MyCorp finally decided that IE 6 was an improvement over NS 4.7 for our Windows machines. Despite disliking the borglike tactics of MS, the decision made sense locally. It's almost easier to just let Windows have its way and use IE by default. But I would insure the security patches are up to date. Use SMS to update them.

    Our migration to IE was decided before Mozilla was as good as it is now. Also, Opera ain't bad, nor Konqueror/Safari. Check `em all out and keep your internal sites W3C standards compliant so you have options in the future instead of handcuffs.

    --
    "Provided by the management for your protection."
  3. Re:Are you sure you *need* IE? by mbogosian · · Score: 3, Insightful

    You mentioned that tivoli's storage manager requires IE but a quick look at their product info page [ibm.com] indicats that they support HP/UX,linux,Solaris and other clients and if that is the case then their web software must work with other web clients.

    Be wary of any application which requires a certain browser for an interface (IE, Mozilla or otherwise).

    Browser-specific sites are bad, but apps are worse.

    --

    moto411.com
  4. Re:Are you sure you *need* IE? by shaitand · · Score: 3, Insightful

    This is true, especially since the entire point of using an html based interface on a local app is portability...

  5. Darn by Anonymous Coward · · Score: 1, Insightful

    I was hoping you'd say something like:

    "...the then SARS have already won."