What’s in the new Edge for enterprises
Edge is getting work options AAD sign-in, privacy tools, managing IE Mode and Microsoft search integration
Changing the Edge browser to be based on Chromium rather than its own EdgeHTML allows Microsoft to promise better compatibility with websites, alongside backward compatibility with IE for line-of-business apps. The weekly Dev channel release now includes enterprise features so that admins can start evaluating it for deployment in pilot and production channels, although a number of key features around security and localization are still in development.
Offline installers for Edge Dev builds are available for Windows 7, 8.1, 10, Windows Server, and macOS. (Unlike the current version of Edge, Chromium-based Edge can be installed on LTSB versions of Windows and Windows Server). Microsoft is also publishing ADMX files with the 180+ group policies that can be used to configure deployment and browser settings. That includes controlling updates to the browser.
You can use policy to pause updates to keep users on a specific browser version if you’re testing new ones for compatibility, and you can combine that with the way you may already be using rings to flight new versions of Windows 10 to a pilot group of users. Or you can take full control of the update process by pushing MSIs (or PKGs for Macs) to managed devices.
A future update to the new Edge browser will support more integrated deployment and configuration with System Center Configuration Manager, Microsoft Intune, MDM tools (for Windows 10) and Mac deployment tools like JAMF. Expect that to look similar to the management options for Edge on iOS and Android, which include conditional access, single sign-on, managed favorites, and separating personal and work accounts into different profiles.
The latest Edge Dev build lets users sign-in with their Azure AD account and get a single sign-on to company sites that support AAD. User profiles will now sync across devices through AAD accounts, which includes usernames and passwords for sites that users have chosen to save in the same way they already do for users signing into Edge with a Microsoft account. Use policy to make sure corporate sites open with the work AAD profile and those passwords will sync securely through AAD. Edge profile sync is rolling out to AAD tenants soon, but Microsoft says it will take several weeks to reach all tenants.
The same rollout schedule applies to the integration with Microsoft search, which will show up in Edge in two ways. If you’re using Microsoft search to make it easier to find people and internal sites (you need to enable that from your Office 365 admin portal), search results shown as users type in the address bar will include people and intranet sites. That means searching for ‘booking a holiday’ will show the company site for booking time off as well as travel and hotel sites on the web.
The new tab page for users signed in with an AAD account will also use Microsoft search to show recent Office 365 documents, company apps, and sites, plus recommended content. The latter might include documents that colleagues are working on to which your account has access that the Microsoft Graph highlights as possibly relevant to you. This is basically building in the features from the Microsoft search extension that’s already available for Chrome and the current version of Edge. Users can still pick a different new tab page, but if admins invest some time in setting the keywords for internal sites and connecting line-of-business apps using the Microsoft search connectors, this could become a useful landing page. It’s certainly going to be consistent with all the other places that Microsoft search shows up, from SharePoint to the desktop Office clients, because this is the way Microsoft is trying to make Office 365 for central to enterprise workflows.
Some of those corporate may well be ones that need IE rather than Edge. if you’ve already created an Enterprise Mode Site List for websites that use older IE document modes or ActiveX controls like Silverlight, you can have those open in IE Mode in a tab inside Edge, rather than in IE as a separate browser.
You can control whether users see those sites in an Edge tab or a new IE browser window using the IE integration policy in Edge. You can also use a new tag in the Enterprise Mode Site List that forces sites to open in the full version of Internet Explorer. If you want IE Mode to be the default but you have sites that need to be in IE11 either for technical reasons or because your ISV doesn’t offer support if you use IE Mode.
If you do have sites that you set to open in IE11, you can also configure a new policy in IE11 to have links to sites that aren’t on the Enterprise Mode Site List open in the right version of Edge, otherwise users may find themselves bouncing from Edge on Chromium to IE and then on to the current version of Edge.
IE Mode doesn’t change Microsoft’s plans to phase out support for Flash before Adobe stops supporting it at the end of 2020; Flash will be disabled by default in the browser later this year.
Security and privacy in progress
If you’re using Windows 10, Edge Dev supports the Conditional Access and Application Guard (which runs chosen sites in a container for extra security). A future version of Edge will add support for Microsoft Information Protection (again, only on Windows 10); that means sensitive or confidential emails, documents, and other data that you label and apply policies to will be protected in web apps. PDF support in Edge Dev has lagged behind what’s already available in Edge, but Microsoft says that has improved and a future version will support digital signatures, as well as MIP tags and policies.
The promised tracking prevention feature is still under an experimental flag because it’s still being tested. The strict option may break some sites that use scripts and cookies, so it’s worth testing your company web apps to see if they will need adding to the tracking exceptions list.
Edge Dev is now available in ten languages, and both the browser and the browser developer tools will support more languages in the future (up to the 110 languages and variations that Microsoft’s enterprise software typically supports).
Chromium-based Edge hasn’t reached beta yet and Microsoft isn’t expecting businesses to start deploying it straight away, but there are enough planned enterprise features in this release to start formal evaluations and pilot programs – especially for legacy sites that will use IE Mode. Microsoft hopes that the combination of security, password sync, and the improved user experience through having all sites open in what looks like the same browser will encourage organizations to consider Edge as a default corporate browser in due course.
Resource Credit | TechRepublic