Cyber threats such as malware and ransomware continue to make headlines, carrying out their reign of devastation on organizations of all sizes. Every day hackers contrive new approaches and new variants of internet-borne threats, and every day employees rely on the Web to perform a broad range of business tasks. This leaves IT staff in a constant struggle to effectively react to the malicious content hidden within seemingly innocuous links and downloads with which users interact.
Just recently, global pharmaceutical company Merck took a hit. When employees arrived to work, they found their computer screens locked and they were left with no other option but to return home. A few weeks later, the largest ransomware payment in Canada to date was made by a company with no alternative but to pay nearly half a million dollars in Bitcoin. In their case, company officials had been targeted by a spear-phishing attack in which they were sent a phony PDF attachment that later encrypted their databases and backups.
In their efforts to prevent attacks like these, organizations are spending a staggering amount of money on endpoint protection. However, existing tools such as antivirus, firewalls, and other types of “detect and block” solutions can only provide a limited degree of protection.
Fortunately, security vendors have not been sitting idly by. A new, non-signature-based method of prevention called browser isolation—also known as remote browsing—has emerged to enable safe browsing without disrupting the user experience. After all, users need access to the internet for their daily operations.
With internet-borne threats being just a single click or file download away from compromising day-to-day operations, organizations are adopting browser isolation as an effective method to protect the endpoint. This approach utilizes a remote virtual browser as the means to separate the actual web browsing experience from the endpoint device.
According to Gartner, remote browsing is one of the most sought after cybersecurity technologies in 2017.
Endpoint protection
Working in conjunction with existing IT policies, browser isolation protects users from malicious web content. Enterprises can utilize isolated browsing on any operating system and device using a standard HTML5 browser to eliminate the risk of interfacing with rogue links and files. The remote browsing session is executed inside a disposable container located in a remote “safe zone.” It is then rendered in real-time into a static picture format (instead of the dynamic content on the actual webpage) and transmitted to the local browser, ensuring any potential malware is fully contained and disarmed—never making its way onto the endpoint.
Seamless user experience
While the virtual browser is deployed in an isolated environment outside of the corporate network, there is no performance degradation or latency. There is a dedicated browsing session allocated for every tab, and each session is discarded once the tab is closed. Unlike threat detection and remediation solutions, browser isolation provides a transparent solution for users. Web-based applications can be accessed, and browsing the internet is a native experience, only without compromising security.
Corporate productivity increased
This new approach provides the utmost in security while minimizing the workload on IT. There is no need for constant browser patching and, due to the HTML5-based clientless approach, no endpoint installation is necessary.
A new mindset
The challenge with today’s security solutions is that most are reactive in scope, as they are primarily focused on detection and signature. Malware comes in all shapes and sizes, and can sneak past traditional security defenses in a variety of ways. Nondescript file downloads and misleading links are among the most common tactics used to launch a cyberattack—but with a little creativity, they can still be surprisingly effective.
With ransomware and other malware becoming increasingly prevalent, a new mindset for internet security is warranted. Integrating browser isolation with existing endpoint security frameworks contributes to a defense-in-depth, layered security approach, and gives enterprises a proactive method to maintain business continuity.
