The Open Road

Despite its 22.51 percent global market share, Mozilla's Firefox browser has yet to crack the enterprise IT barrier. While Firefox is undoubtedly used widely in the enterprise, Internet Explorer is still the default choice for enterprise IT, in part because Mozilla has never made any particular market, including enterprise IT, a focus.

No more. Perhaps responding to criticism that Firefox lacked the tools to help enterprise IT departments manage its deployment, Mozilla is now rolling out a Build Your Own Browser program. The program aims to provide "a good fit for enterprises that want to create a customized browser that can be easily installed across multiple corporate desktops," according to Mike Beltzner, director of Firefox at Mozilla Corp.

This is good news. While some breathlessly wait for Google Chrome to leverage Google's cachet into the enterprise, ultimately functionality and stability win with skittish IT professionals. Mozilla's Build Your Own Browser program is designed to deliver against these IT requirements.

The program works as follows: IT professionals can tailor their preferred browser configuration (perhaps with default bookmarks to corporate Web sites, for example) using a Mozilla Web application, including corporate branding using Mozilla's Personas technology. The application will then send the user a custom installation program for deploying the browser across the company.

It's an interesting new foray into enterprise computing by Mozilla, but it's doubtful that the program will foster an exodus from Internet Explorer. That is happening already, with or without such enterprise tools. Mozilla is already seeing its Firefox market share gain 5 percent each year even as IE falls by 5 percent per year. This is leading more application developers to write their software for both IE and Firefox.

This, it is assumed, will continue apace.

In fact, with things like Mozilla's new Add-on Collector service for Firefox, which makes it easier to subscribe to and maintain third-party add-ons (e.g., Fasterfox, Faviconize, etc.), Mozilla is setting new benchmarks for browser performance and ease-of-use. Internet Explorer is playing catch-up.

Enterprise IT is a lagging indicator of where the market is going. It's normal that Firefox's rising popularity should be felt everywhere else first. At some point, however, even the stodgiest of enterprise IT departments is going to need to recognize that with roughly a fourth of their constituents using Firefox, sticking exclusively to IE is a losing battle.

Follow me on Twitter @mjasay.

Microsoft blames add-ons for its Internet Explorer security woes, according to InternetNews, yet in separate news from TechCrunch Mozilla's Firefox just hit its one billionth add-on and yet delivers better security, according to several studies.

Is Microsoft out of line?

Probably not. Microsoft is almost certainly right to pin some blame on add-on functionality to the browser as a security vulnerability. But given that add-ons are a fact of life now, what is Microsoft doing to protect its IE users against malware attacks?

Plenty, and in perhaps in the most important place: the update service. Both IE and Firefox include automatic update services, but researchers for the Honeypot Project discovered that Firefox's mechanism may actually be more effective:

We suspect that attacking Firefox is a more difficult task as it uses an automated and "immediate" update mechanism. Since Firefox is a standalone application that is not as integrated with the operating system as Internet Explorer, we suspect that users are more likely to have this update mechanism turned on. Firefox is truly a moving target. The success of an attack on a user of Internet Explorer 6 SP2 is likely to be higher than on a Firefox user, and therefore attackers target Internet Explorer 6 SP2.

The Honeypot research was done in 2007, however, on older versions of both IE and Firefox and, as Sean Michael Kerner writes in InternetNews, the game may have moved on, and neither Firefox nor IE may be fully ready to "play":