Why we’re investing in Island: Canapi Ventures

Perhaps the most enduring side effect of the COVID-19 pandemic has been a widespread shift in ways of working. The 2022 McKinsey American Opportunity Survey suggests that even post-pandemic, nearly 60% of employees have the option to work remotely at least one day a week, and 35% are given a fully remote option. The “flexible work” trend is likely here to stay for the foreseeable future, in fact, over the next five years, nearly half of the workforce is projected to be fully or partially remote.

In parallel, web malware and ransomware – both browser-based attack vectors – are considered the most significant security threats for organizations. Companies increasingly depend upon web-based applications, including SaaS apps as well as “private” apps, to run their businesses, with today’s organization using 130 apps on average.  As companies and employees leverage browsers as their primary tool for business applications, the need to secure the browser grows more stringent by the day. Currently, this security stack includes a hodge-podge of add-on solutions, including identity and access management tools, data loss protection tools, secure web gateways, and Zero Trust edge work. 

The rise of remote work, coupled with the growing use of cloud-based and delivered applications, has created a challenge for the modern CISO, who must consider securing multiple networks, devices, and applications using dozens, if not hundreds, of cybersecurity tools. By using a patchwork of solutions, CISOs today attempt to manage and provision individuals, applications, and devices, all of which depend on the same core solution – the browser – to complete a task. As a result, we believe that the enterprise browser, which offers a unified solution capable of meeting a range of enterprise cybersecurity and infrastructure requirements, is a critical component of the future of work.

This is why we are thrilled to announce our investment in Island, a category-defining enterprise browser that addresses key security needs via a single solution. Rather than bolting on a range of tools and features to existing consumer-oriented browsers, Island has instead built a commercial-grade browser using the same open-source Chromium code base that underlies popular browsers such as Google Chrome and Microsoft Edge. With Island, enterprises can secure network and web access, improve data security, offer end point protection, ensure messaging and mobile security, solve for identity and authentication, improve enterprise productivity, and solve for risk and compliance controls.

Solving critical pain points for the financial services sector

While Island can be – and indeed is – leveraged by companies across industries, we are particularly excited by Island’s ability to help banks and financial institutions (including members of the Canapi Alliance) not only improve security posture, but also employee efficiency and productivity. As a highly regulated industry, financial services have often had to accept trade-offs between security and usability; Island, however, allows these two concepts to co-exist.

For example, contractors, consultants, and remote/hybrid workers at financial institutions today often require clunky VPNs and/or VDIs to access proprietary systems. Using the Island browser, however, users can instead access regulated systems and databases through an Island tab, creating a far more seamless, cost-effective process without sacrificing controls.

Moreover, with Island, banks can allow employees to bring their own device (BYOD) rather than relying on company devices (i.e., laptops, tablets, phones). Rather than purchasing and outfitting company hardware with specific controls, banks can instead send employees a link to Island, and only provision access to company applications through Island, resulting in significant cost savings.

Island can also aid with data loss prevention by preventing copy-pasting, screenshotting, saving, printing, and downloading of data hosted in web-based applications; this can include PII, MNPI, and other sensitive information frequently accessed by bank employees. Moreover, the Island Enterprise Browser can connect to internal, private applications and serve as a single-entry point to critical apps, solving additional DLP and IAM pain points.

Additionally, we are seeing banks leverage Island to (i) provision collaboration tools including Zoom or Slack, which were previously inaccessible due to security concerns, (ii) grant access for third parties during an M&A event, (iii) enable access to generative AI platforms via Island’s AI Assistant, which monitors and blocks sensitive information leakage, and (iv) modernize retail footprints by using the browser in branch locations rather than relying on legacy VDI tools.

The use cases for the Island Enterprise Browser are endless. While many enterprises start with one or two use cases, they often quickly find new ways to leverage the platform, improving productivity and security along the way.

A category-defining company

While just in its second year since emerging from stealth in 2022, Island has achieved considerable success as a category-creator, with over 2 million browsers sold across leading Fortune 500 enterprises.

Building a security product that is Fortune 500-ready from day one takes considerable talent, time, and resources. The team that CEO and co-founder Mike Fey has re-assembled from his decades in the security space further drives our excitement and conviction in Island. Mike has had an extensive career in enterprise cyber security, having previously served as the CTO of McAfee and most recently, as the President/COO of Symantec. Island’s CTO and co-founder Dan Amiga was previously the founder and CTO of FireGlass, where he invented the concept of remote browser isolation (RBI), the precursor to the enterprise browser.

We look forward to partnering with Mike, Dan, and the rest of the Island team as they bring forth the future of work and are honored to be part of their journey.