At least two web browsers for every
Australian desktop: It should be mandatory

50

opinion In mid-2008, a government staffer at an employee town hall meeting being held by the US State Department got up to ask Secretary of State Hilary Clinton what appeared to be a rather unusual question for the venue. “Can you please let the staff use an alternative web browser called Firefox?” asked public affairs officer Jim Finkle.

“I just moved to the State Department from the National Geospatial Intelligence Agency and was surprised that State doesn’t use this browser.”

As a round of unexpected applause from State Department staff exploded around the room, Finkle pushed on. Like a seasoned journalist in the White House press gallery, he bluntly explained his rationale to one of the most powerful political figures in the world. “It was approved for the entire intelligence community,” he continued, “so I don’t understand why State can’t use it. It’s a much safer program.” A taken-aback Clinton didn’t seem to know how to react, according to the transcript available online. “Well, apparently there’s a lot of support for this suggestion,” she laughed, before passing the baton to departmental under-secretary Pat Kennedy.

To Clinton — and no doubt to many in the audience, the request must have seemed an odd one. Probably, the Secretary of State thought, there would be more important organisational matters which State Department employees could have raised with her in that very public venue. Questions of internal policy, problems of how to best implement government programs, even cross-jurisdictional issues between the State Department’s many far flung facilities. And indeed, other questions did touch on these areas.

But the Firefox question was clearly taken seriously by State at that point — with Kennedy going to great pains to respond to Finkle’s issue and confirming support for the upstart Mozilla browser. And despite the difficulty of mobilising any change in an organisation the size of Clinton’s department, the question did get resolved. In March this year, State announced it had rolled out not Firefox, but Google’s similarly advanced Chrome browser to 60 percent of its 100,000+ desktop PCs in a bid to give employees more browser options.

The root cause, of course, of Finkle’s complaint to Clinton was that he was being unnecessarily forced to use decade-old technology at work.

With the launch of Windows XP in late 2001, Microsoft for the first time successfully married the dramatically more stable operating system kernel it had fundamentally re-written for Windows NT, and matured with Windows 2000, with the consumer- and business-friendly features of its more mainstream operating system lines, which had their genesis from Windows 95, through 98 and then ME. Over time, XP would come to be so stable and popular that more than a decade later, every large Australian organisation would still be running it in some form, somewhere — and a huge amount are still running it on the majority of their staff desktop machines.

However, the ubiquity of XP also birthed what Valve Software would refer to as ‘unforeseen consequences’: It entrenched the bundled Internet Explorer 6 browser as a hideous web standard. With the one true desktop operating system came the one true web browser. And this standardised platform delivered a new era of corporate productivity as large organisations all over the globe developed a new-found enthusiasm for developing in-house applications delivered through a web browser.

But now the worm has turned; the snake is eating its own tail.

In their struggle to continue to support those internal applications, large organisations have proven extremely reluctant to upgrade their internal desktop standard operating environments to new versions of Internet Explorer and to completely ignore rival software platforms — leading to the kind of negative productivity, privacy and security outcomes which the launch of IE6 in 2001 hoped to avoid.

IE6’s strangehold over Australian organisations is no less strong than it is in the US. Westpac. The Australian Taxation Office. The Department of Defence. The Commonwealth Bank of Australia. And, of course, other government departments beyond count in Australia. All of these are organisations that have admitted over the past two years to still using version 6 of Internet Explorer. Some of them have started upgrading, but where they have, they have typically only upgraded to Internet Explorer 7 — which is nearly as bad.

The problems which IE6 suffers are obvious to anyone who has spent any time either using a web browser or developing a web site.

In the words of Microsoft itself, which has started an Internet Explorer 6 death watch page to try and kill off the Frankenstein monstrosity it birthed a decade ago: “The web has changed significantly over the past 10 years. The browser has evolved to adapt to new web technologies, and the latest versions of Internet Explorer help protect you from new attacks and threats.”

Usably fast JavaScript. Support for tabbed browsing. Searching from the address bar. Protection against Internet malware. Memory protection between tabs and from the operating system. The ability to resume downloads. The ability to add popular plugins to bolster its core functionality. granular privacy controls. These are just some of the modern browser features which virtually every modern browser — including recent versions of IE itself — support, that IE6 doesn’t. As an information professional, no doubt Finkle wished to do something as simple with his desktop PC as open new tabs for new web pages he was referencing in his work. Yet this basic feature — and many others — is simply not available in IE6.

Beyond that, IE6 often just doesn’t work, in any practical sense. The browser’s lack of support for modern web standards means many modern web sites just don’t view correctly, or sometimes at all, when viewed with IE6.

Now, I understand why organisations have stuck with IE6 (and now, increasingly, IE7) for so long. It’s a no brainer. Faced with the choice of re-developing a core business application or replacing it completely, it is an easy choice to keep employees on a supported web browser rather than invest in a new system, which could be significantly expensive to deploy. When so many organisations have standardised so heavily on Microsoft software throughout their operations, any wholesale shift to a replacement web browsing platform is going to involve a lot of work which most of the top decision-makers will consider an unnecessary distraction from more important tasks.

However, what I don’t understand is why so few major organisations in Australia or globally have done what the US State Department has done and deployed a second web browser as a complement to that core Internet Explorer functionality.

In the consumer world, having a second or even third browser installed on your desktop PC is de rigeur. Any self-respecting geek wouldn’t be caught dead using an old version of IE at home, when the broadly faster, more stable and more capable Firefox and Chrome platforms are available, and I can distinctly remember the relief experienced by my older relatives when I installed one of these alternate browsers on their home PC half a decade ago. Suddenly, they told me, the Internet “just worked”. Funny, that.

Corporate workers are well aware of this trend, and the anger about the fact that it has not penetrated into many workplaces has often spilled out in public. The US State Department example is a good one, but in Australia there are also many government staffers (particularly high-powered ministerial advisors) who take their personal MacBooks into the office to get their work done on an everyday basis, only using their office PC when forced to interact with some arcane official system.

In the past, much of the rationale against alternative browsers in the workforce related to the idea that Internet Explorer was much more centrally manageable from an IT department’s perspective than Chrome or Firefox. You wouldn’t want to have a dozen versions of Firefox deployed around your organisation, the argument went; that would make it impossible to administer centrally when it came to security settings and minor upgrades. However, over the past few years this argument has become more and more irrelevant. Both Google and Mozilla have implemented centralised management strategies for their browsers which play well into the existing software administration strategies which are in play in IT departments.

When you take all of this into account, as well as the fact alternative browsers such as Chrome and Firefox are well … completely free to implement, and most people would find it trivial to use them alongside any version of IE (meaning there is no need to train staff to use something they probably already use at home), the lack of corporate rollouts of alternative browsers in Australia becomes somewhat mystifying.

The last time Delimiter touched on this topic, in September 2010, we found it very hard to find any major Australian organisation officially running anything other than Internet Explorer, apart from organisations like IBM and De Bortoli Wines, which have had a conscious philosophical preference for using open source software where possible. At the time, a spokesperson for the Australian Government Information Management Office (the central IT strategy group for the Federal Government) said that over 96 percent of government PCs used Internet Explorer, with Firefox boasting a share of just three percent. And Mozilla issued a blanket statement noting it wasn’t aware of any major rollouts in Australia.

Not much appears to have changed since then.

A false dichotomy
In my opinion, the greatest problem which alternative browsers face in attracting the interest of Australian IT managers is the belief that they’re not needed. When major Australian organisations set centralised IT policy for large workforces, they usually like to standardise on a discrete set of technologies which are easily deployed and maintained, popular amongst their peers and capable of performing more than one task, if possible. This trend can be seen in virtually every sphere in Australia’s enterprise IT sector.

In unified communications, organisations are increasingly standardising on Microsoft, Cisco and Avaya. In desktop software, Windows, Outlook/Exchange, Office and SharePoint. In network infrastructure, Cisco and HP ProCurve. Dell and HP on the desktop, SAP and Oracle for business applications, Telstra or Optus for telecommunications, VMware and sometimes Microsoft for virtualisation. EMC or NetApp for storage; and the list goes on in this vein.

What this means for alternate browsers is that many IT professionals believe the deployment of Internet Explorer in the enterprise means the ‘problem’ of which web browser to deploy on their organisations’ desktops has already been solved. Web browsers are the desktop software version of a Swiss Army Knife, the philosophy goes — able to perform virtually any task that they’re set to. You need only install one, and the world would come alive at your fingertips.

However, it should be obvious by now that this belief, like many beliefs common within specialised professions, represents a false dichotomy. When it comes to web browsers, Australian organisations should not be choosing one for their staff to use. Instead, they should choose several, as they are often used for different purposes. Rather than choosing to head left or right, IT managers should choose both simultaneously.

Right now, many Australian organisations are grappling with the so-called Bring Your Own Device (BYOD) trend, which is seeing employees seek permission to bring in their own personal technology (laptops, iPads, smartphones) from home for use at work, with a view to working more efficiently and achieving higher levels of productivity. In the microcosm of the web browser choice paradigm, we can see why this trend is currently so powerful and pervasive. IT professionals are too often blocking employees from access to harmless pieces of technology which would allow them to do their job better.

Too often, IT departments are asking the question “Why?” But increasingly, like humble public affairs staffer Jim Finkle questioning Hilary Clinton in front of her entire senior staff, the employees they are supposed to be serving are asking them: “Why not?”

50 COMMENTS

  1. I wonder how many organisations still stay with IE6 (with no alternate browser) because they don’t think staff should be doing anything else online during work hours.

    • *sigh* I can’t believe that sort of stuff is still kicking around, but you’re right, it probably is. It’s a joke trying to restrict employees during business hours. I’ve been both a manager and a business owner, and you just simply have to ignore what else they do as long as they get the job done. It’s that simple. A little bit of web browsing on company time never hurt anyone.

        • I can believe it. Most knowledge-based jobs require quite a bit of intense concentration. It makes sense that workers in these jobs would benefit from having a small break every so often to look at something which doesn’t require so much concentration. I know I do.

      • Not to mention if you did actually want to restrict employee browsing, don’t do it at the client end, do it at the internet end. IE, where you get internet access, restrict access there.

        At least then you don’t leave your clients open to gaping internet vulnerabilities by trying to stop them browsing the web by giving them ie6.

        Not to mention you sometimes get crafty employees who manage to break through client-end restrictions (rules and threat of job-loss don’t stop everyone – especially if they think they can get away with it).

  2. While firefox and chrome have made it easier to use them in a domain, they’re still not in the same field as IE. I’m a one man IT team (and therefore not who the article is really discussing), so I’m pretty sensitive to anything that would suddenly add more demands to my time:

    -Major Updates: IE has a major release once every year or two, and heavy testing happens once for each major release. Chrome versions update every few months. Firefox gets around this one with it’s ESRs.
    -Security updates: Disabling auto-update on chrome also disables security updates, which is unacceptable. Chrome and firefox win in terms of releasing security updates faster, but IE wins with ease of testing and pushing the updates to users.
    -Support: At the moment we do have a few business apps (I’m looking at you, MS dynamics CRM) that only work with IE. Having a second browser installed would guarantee a lot of support calls from people using the wrong software in the wrong browser.

    Most users are happy to use whatever browser is in front of them to get work done. I’d love to push out chrome or firefox, but right now I simply cant justify committing that time. I’ll check in again once MS CRM finally gets multi-browser support and might come up with a different answer.

    • Mate, I really don’t get why an IT department needs to be in charge of updates for Chrome, when it auto-updates straight from the source. Sure, there’ll be a little bit of extra download quota because the patches aren’t downloaded once and then applied from within the network, but who cares? It would only be a very small amount used, compared with any company’s Internet usage.

      As for in-house apps not working in Firefox or Chrome, that should be an easy fix. If you’re worried about it, just implement an in-house proxy that will redirect the user to an explanatory page whenever they try to access the in-house apps through any browser that’s not IE. The users will quickly get the picture.

      As for this:

      “Most users are happy to use whatever browser is in front of them to get work done.”

      Obviously you don’t work with anyone under 40 years of age then — or anyone productive at all.

      Sorry, but I got to call it like I see it.

      • You need to be a pretty big company to have an IT department. If you have 1500 users, you’re probably paying a small fortune for everyone to download the same thing 1500 times. And then who knows what version of each browser different people are on. It’s much easier to support hundreds/thousands of users when once / month, everyone gets the automated reboot and is put on the same the version.

        I think Stove’s point is that it’s very hard for one man IT teams to support cross-browser compatibility. AJAX, javascript CSS etc, work completely different in different browsers and it’s a major time sink when you could actually be implementing extra features.

        Yes, it could be fixed with your proxy idea but that takes time and money. And that means you’ve just recommended organisations to spend time and money to make people more productive when they’re browsing their own stuff on the net lol.

        • You make some good points, but I don’t think Firefox and Chrome actively need to be supported by IT departments. People actually know pretty much how to use those browsers. If I was an IT manager, I would roll them out by default and make them the default browser. Then, if the user tries to browse to an in-house web app which requires IE of some variety, I would get their PC to launch IE for that specific case somehow — I’ve mentioned earlier how proxies can be used to do this.

          This really doesn’t sound like too much of an effort for even the smallest IT department.

      • We’re probably an edge case here, but well over half of all office web use is the in-house apps and some government sites we’re required to use (the rest is mostly facebook and youtube of course). Occasionally a browser update will come along and break one of them, which means we get to roll everything back until the issue is fixed. The proxy idea wouldn’t work too well as it’d lead to a browser you can’t get any actual work done with.

        If a user asks to use another browser, they can – asking for it pretty much demonstrates they know what they’re doing. Most of my users are either in sales or direct client support (yes, most are over 40), and computer skills don’t enter the hiring process. I get regular calls from people who don’t remember how to attach a file to an email or ‘lose windows’ when they minimise them.

        I’m all for freedom and variety. I’ve been a linux user since 2004 and we have a steadily increasing number of macs, and I really can’t wait until we’re completely browser/platform agnostic. Right now though, IE is the best option for this office.

  3. Well, at my work, I’m aware of a fair number of users who use Chrome for everyday browsing, and only go to IE for business apps. Chrome doesn’t require admin privileges to install or run, so it ‘gets around’ the software lockdown. Firefox used to, but so many people were using it, the IT dep’t eventually deployed an app that searched for and deleted it.

    At least we’re running an up-to-date version of IE… (but it still breaks a surprising number of web pages!)

    • “the IT dep’t eventually deployed an app that searched for and deleted it”

      That sounds like the definition of evil — why would an IT department want to *remove* software that helped people get their job done better? Sheer lunacy.

      • If you’re a department like the ATO, where there is an incredible amount of sensitive information, you want as little connectivity to the outside world as you can. 100% control over information coming in is the desired situation, and what they try to achieve.

        Yes, it can get in the way of doing the job, but the alternative can open up too big a security risk to be acceptable. And for Govt departments, therein lies part of the problem. They are scrutinised on security so much that where they can, they maintain what they know to work, and only drag their feet into a new era when they are forced to.

        It doesnt make it right, or the most convenient approach for staff, but it does make it as secure as possible. 1 system to maintain, 1 system to stay on top of.

        • I’m sorry, are you saying that IE6 is secure? I’ve never found browsing the web with Firefox and Chrome to be insecure — in fact, those browsers give me warnings whenever I visit an insecure site. IE, on the other hand … not so much.

          • Sorry Renai, no I’m not. What I’m saying is that because of the security necessity some departments MUST have, they prefer to stick with the tried and tested, rather than effectively restart.

            That doesnt mean they dont or wont upgrade, only that its a slow and time consuming process.

  4. Interesting that the used of Google Chrome Frame (http://www.google.com/chromeframe) wasn’t brought up. I know it means that any website that wishes to use it needs the correct tag on it, but many professional developers do use the HTML5 Boilerplate as a starting point for websites where this tag is in by default.

    For those that aren’t aware, Google Chrome Frame installs underneath IE6 (so to speak) and when a website loads with the correct meta tag in the code:

    It will use the Google Chrome (webkit) rendering engine, rather than the IE6 to render. I know this doesn’t cover the other features mentioned such as tabbed browser etc, but at least it takes care of displaying a website in all its full HTML5/CSS3 compatibility that IE6 only dreams of.

    It’s a stop gap I know, but it’s something to consider as a first step.

    • Interesting, but this looks like something that would require significant buy-in from web developers. Plus, you’ve got to convince your IT department to install Google Frame, so the whole debate starts over again …

      • You can set the appropriate HTTP headers from the webserver directly instead of having it embedded in each HTML page, so it doesn’t directly require the web developers to do anything.

        • As a web publisher, I’d be hoping that my web host wasn’t inserting tags through my web server software without me knowing about it ;)

          • Hmm. Maybe it’s not the best usage for it, but it’s still useful. I set it on all my webservers to save on the bandwidth of sending the extra text in each page request. It’s not much, but every little bit adds up.

  5. IE9 can hold is ground pretty well against Chrome and Firefox plus it is much more secure than the others

    • As a developer, I’ve found plenty of AJAX, javascript & CSS things that work really well on IE9 but completely die on other browsers.

      It’s all good to have cross-browser compatibility, but someone has to do the leg work to actually check that it’s all supported.

      So it really comes down to what platforms the developer wants to support. I think IE9 has some really good offerings at the moment.

      • Care to name any that are not IE-specific? I’ve yet to come across any myself. I’ve mostly seen it go in the other direction, with IE being limited on its CSS3 support and SVG/canvas support (until recently).

  6. At the federal goverment department I work for we deploy Firefox and MSIE, and even opera and chrome in some situations.
    All are centerally managed and updated, it is easy.
    I am suprised more places don’t do this.

      • Hi Renai – heard on the grapevine that ‘someone’ had FOI’ed all the government departments for web browser vendor and versions (about a month ago).

        • Interesting. I’m not sure to what extent that’s possible, but if it does happen it will eventually be public, as any FoI request must eventually be made public on each department’s web site.

      • Just a small agency located in the parliamentary triangle :)
        I’d rather not advertise which one I work for.

        Although I have been told Firefox is deployed to at least some areas in Department of Environment (perhaps more widely, but I do not know).

        Department of Finance (AGIMO) may know what browsers each agency uses from one of their many surveys they send though to CIOs in each department. (probably related to desktop SOE)

  7. Where I am (state government IT) We only support IE (we are running version 7) but people are allowed to install other browsers, they are just not supported. So if they are having issues with a web app and are not using IE depending on the issue they are having, they won’t get any support.

    • Surely it should be fairly easy for the the IT helpdesk to say: “Run that app through IE”? I think people are capable of understanding that they can use one browser for some tasks and another browser for other tasks?

      But at least it’s good that other browsers can be installed — a definite step forward :)

  8. As a web developer, I currently have 9 different web browsers installed on my PC. I can only guess at the horrors that people doing internal webdev for other organizations must go through if they are restricted to only using IE.

    • “I can only guess at the horrors that people doing internal webdev for other organizations must go through if they are restricted to only using IE.”

      +1

    • Obviously you don’t work for State or Federal Government — not that I believe for even a uSec that they are not allowed to go outside the envelope. However, it’s noteworthy that the only sites which break my K-Meleon and Opera are Public Sector. I am left with the conclusion they know all the workarounds for IE, and have never even looked at the W3C/ECMAScript standards.

      Gordon.

  9. Personally, I use IE9 on Windows 7 – but since installing IE10 on my notebook, IE10 isnt getting much air-time in metro-mode, only with the standard interface. I cant fault IE10 yet, but that said – as an alternative, Id prefer chrome just because of speed and a clean interface.

    Ive found everytime I’ve used Firefox, I end up with links that dont work or videos that wont play.

    That said, as from a Vodafone point of view – IE is supported, but they do get a mix of Chrome and Firefox. The Software and Systems Engineers have outlawed Macs and Safari, purely because of compatibility issues with the mainframe core systems – plus i get the sneaking feeling they dont like Fruit :P

  10. Some notes from the trenches:
    * Users can handle choice, and IT can direct them towards the best option in the rare cases it becomes a problem.
    * We are now also including Chrome alongside Firefox as part of our standard operating environments.
    * Centralised co-ordinated updates are a necessity in a corporate environment though (for the reasons listed above).

    PS It is going to be interesting when the realisation dawns that you can’t run IE6 on a Android (or IOS) smartphone or tablet :)

    • (FYI I believe this comment to be from Bill Robertson, the CIO of De Bortoli Wines)

      “PS It is going to be interesting when the realisation dawns that you can’t run IE6 on a Android (or IOS) smartphone or tablet :)”

      I consider this one of the most insightful comments I’ve heard on this issue. As tablets start to replace desktops (with cradles and so on), one can see the IE6 situation being resolved once and for all.

  11. Our solution was to mandate that the IT department will only support IE, but, you can use any other browser you want, we just won’t support issues with it accessing company resources. (Intranet, web mail and so on).

    We have a UTM that restricts sites allowed, (no Facebook for instance), but opens up access to an increased set of sites before and after work and during lunch time. (But basic blocked items like porn remain blocked all the time).

    It transparently intercepts web requests and blocks work arounds like external proxies, TOR etc.

    To be honest I use Chrome most of the time myself, but IE9 actually isn’t too bad and I find myself using it quite often.

  12. I have four web browsers installed in my computer: chrome, firefox,IE 9 and Aannt browser. Use them at the same time or choose one of them to use.
    This makes me has less problem in each browser.

  13. While we’re stil feeling good about FF…

    “Default page size for printing is letter
    “Mozilla Firefox>>Bugs>>Bug #10910” from “https : // bugs-launchpad-net / firefox / +bug / 10910”

    “Indie (alanlitster) wrote on 2011-03-11:

    “I’ve just come across this bug myself and can’t believe it’s been going on years.

    “Even though my system is setup to use en_GB and /etc/papersize contains ‘a4’ firefox still defaults to the non-standard ‘letter’ paper size.”

    This bug was first reported 27 May 2002…

    Please, don’t get me wrong. There are many, many reasons why every workstation in any office at all should have at least two browsers ready for use.

    However, FF is at least as buggy as IE, and getting worse every day. In this thread I have seen no mention of Opera, while Chrome has a range of faults which are unlikely to be fixed in the near term, if ever. We note, for example, that WebKit does not support Oracle/Sun Java… But then neither did IE for many years.

    Security? The problem with IE is that security was taken to the nitty-gritty detail, which the average user will simply reject — justifiably — as too difficult. And, of course, security in the IE browser simply locks the user out of all the nifty things that sub-standard web-weavers put in to make life and browsing enjoyable. ActiveX, for example.

    Gordon.

  14. With the advent of portable apps it becomes harder for the IT dept to restrict what users run.

  15. Yeah! I have avant browser and firefox!
    Most of time, I use avant browser, it is a three-core browser with gecko, webkit and trident! Very useful .I can use chrome and Firefox’s add-ons in it .so cool
    I am a big fan of firefox .so….

Comments are closed.