While this is true, allow me to give another POV. I run corporate security and internal IT for a 100 person SaaS. I "nudge" our users towards Chrome. Why? Because I can manage Chrome using the config infrastructure provided by Google. Because Google has more resources to secure their browser. Because my observability and DLP stuff works with Chrome and not with Firefox. And I'm probably still missing out on a bunch of things.

Those are real, practical reasons. Not just "if I do this I get to check another box".

Yes. I know. It's a pain that when you cannot do what you want to do. But it's not your laptop. It's the company's. Supporting more browsers to the same standard that I just described would take engineering resources, of which I do not have an infinite supply. And the priority goes to keeping the company secure.

> Because Google has more resources to secure their browser

They've kneecapped ad-blockers, when ad networks are perhaps one of the biggest causes of malware installs/page hijacking/other unwanted behaviour. I'm not sure how you can consider Chrome remotely secure in this light.

This is the correct answer. Having your users run multiple browsers by default (instead of with whitelisted exceptions) is now multiple attack surfaces the org has to manage.

while valid points, my company uses Microsoft products and they are pretty abysmal in whatever domain they have products in. Edge for example being one of the weaker browser options. (though better than it was in the IE era).

Being forced to use various tools for compliance is frustrating, doubly so if it helps create a stronger monopoly position, because a monopoly position creates stagnation, which makes worse products.

But those worse products are forced on users, even when better ones start to come about.

This is the crux of my issue, Microsoft is the king of this behaviour, and they are using this a lot which is squeezing the metaphorical testicles of almost all companies in Europe.

If you run a SaaS, large parts of your orgs should be on all major browsers regularly.

Do people get pwned by anything besides spearphishing or ads nowadays? I think ad->phish or targeted phish emails is the only shady thing I've been exposed to in like 10 years

It's a pain that when you cannot do what you want to do. But it's not your laptop. It's the company's.

But it is my craft, and to be limited to what tools I can use in my craft can decrease the value of my work, and in doing so decrease the company's productivity.

This feels like the whole IE6 dance coming back.

People know how it ended, but don't seem to remember how it started, which is a shame.

> But it's not your laptop. It's the company's.

Sure, which is why you should lock down the laptop. Blocking Firefox in Google Workspace seems like entirely the wrong layer for this.

Google has the resources to do it, but do they actually do it? By the looks of it I'd say "no".

See the whole thing with libxml2 for example, or how they started boringssl to "fix" the issues with openssl, but they run it as an internal project you cannot depend on.

having soon-to-be-nonfunctional adblocking will be far more dangerous to org than any extra security those options might provide