Props to Suhail for building in the open (takes a lot of rejection tolerance) and being so honest about the path.
That said, I work with lawyers as customers and I suspect there was an adjacent market in data privacy that a hosted browser would have had PM fit for.
A lot of industries have strict legal requirements on controlling employee access to data (think healthcare, legal, compliance). In these cases, SaaS becomes risky if it can be accessed by anyone off their work computer.
The standard solution is to limit the webapp to be accessible on VPN, and limit VPN to be accessible on MDM controlled devices, and limit MDM to be accessible on company owned devices.
It would be a lot easier to just control the browser viewport and prevent data harvesting (essentially what Mighty was doing, focused on performance).
Sounds like a small change, but it makes a world of difference when it's not feasible to send a physical machine to someone (3rd party contractors, overseas employees, low wage employees, etc)... something I discovered when talking to lawyers about using contractors overseas for routine data entry tasks.
But that's definitely not the same kind of user or tech expertise, and would have been a big pivot in itself. Hopefully someone buys the IP and builds something cool.
As evidence of a market for this, see the company Citrix. Also I think Facebook's content moderation website is only accessible from some sort of remote desktop system.
Funnily enough, the few times I've seen Citrix remote-desktop browsers used it's been for the opposite use case: isolating potentially malicious websites in a virtual machine so they can't compromise employees' computers.
> The standard solution is to limit the webapp to be accessible on VPN, and limit VPN to be accessible on MDM controlled devices, and limit MDM to be accessible on company owned devices.
Didn't the "BeyondCorp" zero trust model pretty much kill that, or at least show there was a better way to restrict access to secure apps than a VPN?
BeyondCorp canonically includes device authentication! The way I’ve seen it implemented is a browser client certificate though, kept valid by MDM. No need for VPN.
Of course a certificate could be stolen/transplanted but you would need to compromise the laptop first, and that’s also true of VPN solutions unless the keys are in TPMs.
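The device check described in the comment above, as an added example (not part of the thread and not BeyondCorp's own code): an access proxy decides on the client certificate plus MDM inventory state instead of network location. The `Device` record, the `authorize` function, the 24-hour check-in policy and all sample values are assumptions constructed for illustration.

```python
import ssl
from dataclasses import dataclass

MAX_CHECKIN_AGE = 24 * 3600  # assumed policy: MDM must have seen the device within a day


@dataclass
class Device:
    """Hypothetical inventory record, kept up to date by the MDM."""
    owner: str
    compliant: bool
    last_checkin: float  # epoch seconds
    revoked: bool = False


def authorize(peer_cert, user, inventory, now):
    """Return (allowed, reason).

    peer_cert has the dict shape of ssl.SSLSocket.getpeercert(), i.e. the TLS
    layer has already verified the chain against the device CA.
    """
    if not peer_cert:
        return False, "no client certificate"
    not_before = ssl.cert_time_to_seconds(peer_cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(peer_cert["notAfter"])
    if not not_before <= now <= not_after:
        return False, "certificate outside validity window"
    device = inventory.get(peer_cert["serialNumber"])
    if device is None:
        return False, "unknown device"
    if device.revoked:
        return False, "device certificate revoked"
    # "Kept valid by MDM": a device that stopped checking in loses access.
    if not device.compliant or now - device.last_checkin > MAX_CHECKIN_AGE:
        return False, "device not in a compliant MDM state"
    if device.owner != user:
        return False, "device not assigned to this user"
    return True, "ok"


# Constructed sample data.
NOW = ssl.cert_time_to_seconds("Jun 15 12:00:00 2024 GMT")
CERT = {"serialNumber": "0A1B2C",
        "notBefore": "Jun  1 00:00:00 2024 GMT",
        "notAfter": "Jul  1 00:00:00 2024 GMT"}
INVENTORY = {"0A1B2C": Device(owner="alice", compliant=True, last_checkin=NOW - 3600)}
```

None of these checks can tell a copied private key from the original on its own, which is why the comment's point about keeping keys in a TPM still applies.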
And yet security VCs are investing here again and yeah, no idea why This Time Is Different.
We do get VDI users for our tool in some high-end security sensitive places to work around weak clients (budget is not uniformly distributed across users), but that niche is a small market wrt VC.
> It would be a lot easier to just control the browser viewport and prevent data harvesting (essentially what Mighty was doing, focused on performance).
Not really, the client can still OCR whatever the browser viewport contains, even if the server just streams video.