.png?width=1816&height=566&name=brandmark-design%20(83).png "Tech Channels - IT News, Resources & Insights")
SMBs and midmarket companies may be grappling with identity and tool sprawl, but enterprises face a different challenge: controlling data in an increasingly browser- and AI-driven world.
Tech-Channels spoke with Jason Trunk, Vice President and Field CTO at Island, who argues that the browser has become the central control point for enterprise security—and that traditional approaches like VPNs, VDI, and network-based security are no longer sufficient. As AI adoption accelerates, he says, organizations must rethink how they secure and govern data at the point where it is used.
Q. What’s driving Island’s momentum right now?
A. Soaring is all relative. You look at AI and $600 million valuations—so soaring is always relative. But when we came out with the concept of the enterprise browser, it was really a brand-new workspace. That’s what it’s turned into. It’s generally the place where all business is done today, and it’s still the number one client to interface with all AI vendors.
Q. What problem were you trying to solve with the enterprise browser?
A. The challenge was that data leaks out of the browser. We assume it’s safe in the cloud, we assume encryption is protecting it—but the moment it gets decrypted, now it’s your problem as an IT leader. And that happens in a consumer product, too, in the same browser you use to look at puppy videos. We asked: What if we could contain the data the moment it’s decrypted? What if we could categorize it, understand who is accessing it, and control it? That’s how we created this secure workspace browser.
Q. How does this approach differ from traditional security tools like VPNs or VDI?
A. VPNs basically put the entire laptop on the company network, every port, every protocol, everything. Then we moved to virtual desktops and desktop-as-a-service, which are extremely expensive. Some banks have hundreds of millions of dollars in infrastructure just to support that. What’s ironic is you log into a virtual desktop, and the first thing you do is open a browser. One of our biggest value propositions is reducing VDI. It lowers cost and actually improves the end-user experience.
Q. Why is the browser such a critical control point?
A. The browser is where data gets decrypted. It’s the “A” in the A-to-B conversation for everything on the internet. That’s where it gets unlocked. Network solutions can only see about 70% of traffic. The rest—things like certificate pinning or newer protocols—they can’t inspect. The browser sees everything because it is the protocol. That gives us a unique ability to protect data at the moment that it’s actually being used.
Q. How does AI change the security equation?
A. The challenge with AI is data leakage—people uploading sensitive data into public models or using personal accounts. We can enforce which AI models employees use, ensure they’re logged in with corporate credentials, and prevent sensitive data from going to personal accounts. We can also show what AI tools people are using, where the data is going, and whether it’s sensitive. Nobody is really talking about guardrails at the client level—that’s where the data leaks. Guardrails on the server side are important, but this is where the rubber meets the road.
Q. How do you balance security with user privacy, especially on personal devices?
A. That’s a big issue. Executives and employees are using personal devices, and companies don’t want to invade privacy. We can separate personal and corporate activity—even in adjacent tabs. For example, don’t log anything in personal Gmail, but log everything in corporate Gmail. That level of tenancy is something only the browser can enforce.
Q. What about access control and offboarding risks?
A. Most companies rely on single sign-on, but even the most sophisticated organizations probably only cover 20% of the apps their employees use. There’s always something outside of SSO.
Q. Cost is a major concern right now. How are pricing models changing?
A. Pricing and licensing are absolutely under scrutiny, and they should be. Persistent desktops are very expensive—those machines are running all the time just in case someone logs in. Companies don’t want to keep paying for legacy solutions. Consolidating functionality into the browser can reduce that cost significantly while improving the experience.
Q. Which industries are adopting this approach most quickly?
A. Highly regulated industries—finance and healthcare—are big adopters. We have the largest healthcare system in the U.S. as a customer, along with multiple hospital systems and universities. We’re also a certified platform for Epic, which is huge. Epic touches about 60% of patients and 40% of hospitals in the U.S., so that opens up a massive opportunity.
Q. How do you see the competitive landscape evolving, especially with AI?
A. There’s a lot of competition in AI, and there’s only so much market cap to go around. At some point, AI companies will start competing with each other more directly. Every company uses a browser, and they all care about protecting their data.
Q. What does the path forward look like?
A. The browser is becoming the workspace, the control plane, and the enforcement layer for security, data, and AI. That’s where we believe the future is.
As enterprises race to adopt AI and modernize their environments, the conversation around security is shifting from the network to the point of use. For Trunk, that inflection point is the browser—where data is decrypted, decisions are made, and risk ultimately materializes. By consolidating security, visibility, and control into that layer, Island is betting it can simplify an increasingly fragmented stack while addressing the realities of how work gets done today. Whether driven by cost pressures, AI governance needs, or the limitations of legacy tools, organizations are clearly rethinking their approach. And the browser may be where the next phase of enterprise security takes shape.
