Issue/Question
Why is my 3rd party browser not supported or blocked?
Environment
- Windows
- MAC
- Browser
- Internet
- DLP
- Data Protection
Cause
Non-supported browsers are blocked on all university owned devices. Supported browsers should be described in policy.
Resolution
Unsupported Web Browsers Policy
Purpose
To protect the confidentiality, integrity, and availability of USD information resources by restricting the use of web browsers that inherently bypass security controls or cannot be managed in accordance with institutional IT security requirements and regulatory compliance standards.
Scope
Applicable to all employees, contractors, students, faculty, and third-party users accessing USD-owned or managed devices, data, and services
Policy Statement
In alignment with the USD Information Security and Data Responsibilities policy, which requires users to “take appropriate measures to secure University IT resources and the data they contain”, the following web browsers are defined as restricted and are prohibited on USD systems:
- Brave Browser
- Opera Browser
- Any additional browsers offering equivalent privacy features that circumvent security controls or lack enterprise management support
- Browsers that have not received security or product updates.
These browsers are not allowed due to the following risks:
- Bypass of Security Controls & Monitoring
– Brave’s Tor integration and Opera’s built-in VPN can circumvent network security layers such as firewalls, content filters, and CASB/DLP systems, undermining visibility and control.
- Inability to Enforce Institutional Policies
– Lack of support for Group Policy, Intune, or other MDM controls prevents enforcement of corporate security configurations and updates.
- Non-compliance with USD Security Standards
– These browsers are incompatible with security measures including encryption enforcement, telemetry logging, and compliance monitoring, all required under USD policy.
- Data Governance and Privacy Concerns
– Opaque update mechanisms, telemetry destinations, and VPN/proxy services conflict with USD’s data handling policies, risking violations of FERPA, HIPAA, or board-regulated standards.
Approved Browsers
Only the following browsers are permitted and actively supported on USD-managed devices:
- Microsoft Edge (Stable/Enterprise)
- Google Chrome (Enterprise/Stable)
- Mozilla Firefox ESR (with enterprise configuration)
- Apple Safari
Exceptions may be granted only through formal, documented approval by the Information Security Office, based on a demonstrated business need and security justification.
Enforcement & Compliance
- Technical Enforcement:
- Block installations and execution of prohibited browsers via Intune conditional access, EDR policies, or network-level controls.
- Monitor and block restricted browser traffic through HTTPS filtering or user-agent controls.
- Usage Monitoring:
- Any detection of restricted browser use will trigger investigation under University IT security protocols.
- Disciplinary Action:
- Non-compliance may result in revocation of network access and may lead to disciplinary action according to USD policy.
Review Schedule
This policy will be reviewed annually, or as needed based on:
- Browser feature updates
- Changes in USD regulatory or governance requirements
- Updates to State Board of Regents or federal compliance standards
Please contact the Service Desk if you need further assistance