Recently I helped my brother procure a new laptop which he uses for work (as a physician) and personal stuff. To help him with some miscellaneous configuration tasks relating to his personal use, I installed Firefox; not really for him to use — he's already familiar with IE — but to help mebrowse the web for whatever relevant tools, utilities and applets he might need. I picked Firefox because that's the interface I'm familiar and comfortable with.
Recently, my brother told me that his I/T guy un-installed Firefox because "it has security issues and only MS/IE should be used on his laptop" (that's a rough paraphrase).
I was a bit surprised to hear this since I've been unaware of any noteworthy security issues or concerns with Firefox. On the other hand, I haven't exactly been looking to see if there were/are any. So, I thought I'd ask the experts — hoping that one or more among them may have some thoughts on this they'd care to share.
I didtry searching this forum for some relevant info, and before coming here, I tried a wider Google search but in both cases didn't really see anything illuminating the answer to my subject question.
Before closing, I should mention that his new laptop is running Windows 10, and therefore has Edgealready installed. This does not appear to worry his I/T guy.
Anyway, thanks ahead of time for whatever feedback anyone can offer.
—Thri
A) IE comes with Windows 10 (as does Edge), so the "IT Guy" didn't install it
B) IE is going to be there whether you use another browser or not. Some people consider having an additional browser to be yet another possible attack vector (regardless of it's security record). In other words, If you're stuck with A, then A+B is more insecure than A alone.
C) Edge has proven to be a very secure browser so far, and is just as compliant as other browsers.
D) His work may have security policies about which software can be installed, or should be used. And therefore, you may have inadvertently violated a security policy.
E) Firefox, like all browsers, has had security flaws. Some of them critical. See Security Advisories for Firefox — Mozilla
I'm not saying that Firefox is any more or less secure than anything else, but regardless it's your brothers computer and he has to use it at his work, so ultimately it's their call what to use.
Hi:
EDIT:Sorry, @Mystere. We were posting at the same time (with the same caveats, it seems).
You wrote:If your brother is in the US, there are very strict Federal regulations (known as HIPAA) regarding storage and transmission of sensitive personal information (aka "PII", personally identifiable information).Recently I helped my brother procure a new laptop — a Lenovo Thinkpad X1 Yoga. Nice machine. He's using it for work (he's a physician)and personal stuff.
If your brother's work IT folks recommend a particular software setup, security measures or other configurations for his laptop, even under some sort of "BYOD" policy, then I would be very reluctant to try to bypass or change the restrictions or to install software that they prohibit.
It couldtheoretically create significant risk of legal or other trouble, especially if he has work data on this device.
The Feds and other authorities do not mess around when it comes to information security and PII and HIPAA -- the penalties are severe.
As a general rule, it would likewise be advisable NOT to mix medical/work use and personal use on this computer.
Just a friendly suggestion.
MM
Thank you, Mystere and MoxieMamma. Your comments give me a good context for understanding my brother's I/T department's requirements. My interpretation is that his I/T folks require IE because of the dependency parameters relating to cloud-based apps and services his business depends on. The take-away for me is that I don't need to be concerned about the security robustness of my preferred browser; that is, Firefox.
Thanks again for your help.
—Thri