Island announced the first password manager natively built into an enterprise browser, providing IT teams and employees with powerful new capabilities to eliminate password abuse, help ensure organizational custody of corporate passwords, and embrace passwordless user authentication flows.
By offering an advanced password management system within Island’s award-winning Enterprise Browser, Island offers enterprise-grade capabilities to more effectively meet organizational requirements absent in consumer-grade extension-based password managers.
“Password managers are an important security tool, but they’re only as secure as the browser and device where they’re used. When they’re deployed as a rudimentary browser extension, password managers do not act with the context of the enterprise in mind,” said Dan Amiga, Island CTO.
“By building a native password manager that is contextually aware into the Island Enterprise Browser, rich with policy and enforcement controls, users and enterprises can close the gap and fully protect the entire password lifecycle. We’ve solved one of the key hurdles to enterprise password management, and we’re helping our customers transition to the passwordless future,” added Amiga.
Island’s password manager empowers enterprises to take advantage of the broader context and capabilities of the Enterprise Browser to extend password management in many ways, such as:
Enabling corporate password usage only in trusted environments: The Enterprise Browser is contextually aware of its environment to help ensure safe corporate password usage where it is appropriate. Context is provided via attributes like user/groups, device posture, geolocation, network, and destination application.
Island continuously provides this context to enforce the appropriate usage of corporate passwords in the proper situations. Extension-based password managers are limited in their contextual awareness and cannot leverage these attributes, leaving open the potential for organizational passwords to be used in undesirable situations. With Island, browser updates are enforced automatically and access is only granted when the device meets the security standards defined by the organization.
Providing seamless user experience with passwordless authentication: Island Password Manager has the advantage of operating natively within the Island Enterprise Browser or as a stand-alone application, offering a user experience that’s simply not possible with an extension. This simplifies onboarding and delivers a consistent, familiar user experience across the user’s entire corporate or BYOD device footprint for enterprise application needs.
User interaction with the Island Password Manager is natively displayed within the Enterprise Browser, or launched as a standalone app for use outside the browser to manage passwords, API keys, secure notes, or other secrets. Further, the Enterprise Browser integrates with enterprise identity management platforms to authenticate every user, and can use advanced multi-factor authentication (MFA), passkeys, or other passwordless authentication techniques. This creates a frictionless experience for users to access the Enterprise Browser and the Island Password Manager.
Administrators can require authentication to resume an idle browser session, or protect critical applications or workflows with additional step-up MFA challenges. Additionally, administrators can make credentials available to a user without ever disclosing the password itself — which is particularly useful for privileged user access to critical systems.
Protecting the password lifecycle with advanced security framework: Every action within the Enterprise Browser — including password access and use — is protected by Island’s unique Self-Protecting Browser architecture. This provides robust defense against the range of password compromise types such as phishing attempts, spoofed websites, stealing cookies, session hijacking, or man-in-the-middle attacks.
Further, Island leverages a zero knowledge architecture for storing encrypted passwords. By using high enterprise security standards and zero knowledge architecture, passwords and secrets are never vulnerable to local attack on a compromised device, nor can they be exfiltrated from Island Cloud, whether by malicious external attack or insider threat.
Completing the lifecycle, Island protects enterprise applications and data across the entire user interaction, something that is not possible with an extension-based password manager alone.
Transforming the management and deployment of password management: With extension-based password managers, administrators must manage the deployment of the password manager separately from the browser and use an entirely separate management console for policy control.
With Island, administrators can enable the Island Password Manager directly within the Island Management Console to make it immediately available to end-users. There’s nothing more to deploy, configure, patch, and maintain. Customers gain operational efficiencies by leveraging the same policies, integrations, and management console for the Island Enterprise Browser and Password Manager.
Password management is then built naturally into the browsing and application experience. Further, organizations can reduce their effort and expenditure on rudimentary extension-based approaches.
The Island Enterprise Browser is used by some of the world’s most sophisticated organizations across industries, including healthcare, financial services, hospitality, manufacturing, retail, aviation, and technology. Island’s built-in or stand-alone password manager are optional modules available immediately as a seamless part of the enterprise experience for these organizations.