It seems that Microsoft has enabled their Browser Choice system for EU customers today, several news outlets are reporting end users seeing the message and there are screenshots coming through on Twitter.
I can't seem to find any information about how this will affect corporate users, for some reason the blog post on Microsoft.com is blocked by our up-stream provider. All of our users operate in a Least-Privileged environment so offering a choice of browsers is just going to cause pointless support calls.
Questions
- How will the Browser Choice affect corporate users?
- It is possible to disable this on a corporate network, through Group Policy?
Comment
I have summarized some of the points brought up below:
Transparant Windows authentication is not supported by Third Party browsers, meaning SharePoint will require a login. In our case just using the interent would require a login as we use Transparant Windows Authentication to authenticate users against the proxy.
ActiveX and VBScript - many legacy peices of software were written for a world where IE was the only choice, this can be mitigated by a Supported/Unsupported model giving end-users the choice but putting some restrictions on it.
Group Policy integration - there are ways of getting Proxy Settings and security certificates into Firefox through group policy and start up scripts, even if we were to say that practically only three browsers would be used (Firefox, Chrome and IE8) that is still a huge swathe of extra testing and configuration.
integration with WSUS - FireFox is updated fairly regulary with security updates, at home this isn't a problem as I can elevate to an admin user to install the update, does Firefox give corporate systems administrators any mechanism for disabling Firefox update notifications.
I don't necessarily think it's a good thing. There are perfectly valid reasons why corporations at least prefer to standardise on a single browser (whichever browser that be), including having a known-good baseline across all PCs. If you ever work anywhere where - for example - something like Oracle financials is used, you will understand at least part of what I'm saying.
There are also other perfectly valid reasons why IE may well be the browser of choice for a corporate environment, including factors such as integrated Windows authentication, support for ActiveX and VBScript, Group Policy integration, integration with WSUS, and so forth. Unless and until alternative browsers start offering these facilities then I'm afraid to say that alternate browser choice (for corporate users) is little more than a pipe dream, and will generate havoc on the helpdesk side.
If it makes corporate IT policies shift to installing more than one browser so that corporate development doesn't lock-into one browser like happened with IE6, and corporate users are not treated like kindergarteners, then it's a good thing.
If all it does is generate "pointless support calls", then either a) the users aren't that smart, or b) the corporate IT policies are not being updated to realize there are choices.
I like the supported and unsupported approach. Since IT probably has limited resources, you can officially support IE, since that is what some of your apps require, and then unofficially allow users to use other browsers like Firefox and Chrome. So as a department you might be willing to install those browsers if they need Admin rights, but that is as far as IT will go.
The result is that your IT requirements stay the same, but more advanced users don't get upset that they can't use what they want to use. For the people that want to be a power user, but then need help using there browser, tough luck :-)