“Assuming the BrowserGate allegations are true, LinkedIn customers ought to think about lowering the quantity of identifiable, trackable, or delicate information their browser exposes, and organizations ought to deal with LinkedIn as a doubtlessly hostile internet atmosphere till details are verified,” Levine mentioned. “Even when BrowserGate is exaggerated, browser fingerprinting is an actual, widespread observe throughout the online. Deal with LinkedIn like every other third-party information collector. LinkedIn has traditionally been handled as secure, [but] that assumption could have to be revisited.”
Levine mentioned IT executives ought to “assume that LinkedIn can map your tech stack” and that, if the claims are correct, LinkedIn might infer “which SaaS instruments your workers use, which opponents you depend on, which job search instruments your workers is utilizing and which political/non secular extensions seem inside your workforce.”
He added that IT ought to think about blocking LinkedIn on delicate networks, or require it to solely be accessed via VDI, in addition to using browser isolation methods. Some firms may even need to use a separate remoted browser solely for LinkedIn, or, he mentioned, “use a sandboxed browser session, akin to Browserling or different cloud-isolated browsers.”
