Olivier Reuland
Pragmatic Information Security and Privacy Expert

Use separate browser profiles

Using separate browser profiles is a quick and easy way to increase your security and privacy.
security
privacy

Browsers are used for just about everything these days. And it’s a good idea to separate different parts of our work, and our lives.

All main browsers allow creating different user profiles, for example:

  • Work
  • Work - Privileged tasks
  • Personal
  • Personal - Bank

This allows to keep things separate, such as browser bookmarks, history, cookies, passwords, extensions and other website data.

Multiple profiles on Edge
Multiple profiles on Edge

What’s in it for employees?

This is useful for many reasons:

  • More private: Your work profile might be saved by your company. Do you want all your personal favourites and history sync’d as well?
  • More secure: Keep your work passwords, or your passwords for sensitive tasks, away from the more day-to-day, and more prone to phishing/compromise, tasks.
  • Less error-prone: Browser cache and prefill information, which makes entering the personal information into company systems more likely, for example.

What’s in it for companies?

For companies as well, it’s a better deal. Of course, the “best” way would be to ban the use of company’s computers for persona use, but is this really realistic?

Setting up your employees with separate browser profiles means:

  • More private: You don’t want to have employees’ personal information in your systems or backups. Good luck trying to clean it up when the employee leaves.
  • More secure: Do you really want the risk of seeing your employees syncing their profile with their personal account, resulting in all their work passwords being saved out there? You don’t, ask Okta. And these extensions in your work profile!? No, thank you.
  • Less error-prone: Browser cache and prefill information, which makes entering company information into personal services more likely, for example.

Yes, there are ways to limit some of those risks (password save, prevent prefilling, prevent extensions, block sync…) or to do better (virtualised browner…) but it’s costly in time or money. As a first step, having employees use a separate browser profile and follow some good security hygiene is cheap and easy.

Alright, alright, how do I do it?

There are some good documents out there, for example: