The threat level for organizations continues to escalate, with some media outlets calling 2017 “the year of the hacker.” From high-profile breaches of government agencies and prominent enterprises, to the massive WannaCry ransomware campaign, attackers kept IT teams on their toes.
CTOs, CISOs and CSOs continue to evaluate new strategies and technologies to maintain their vigilance against these threats. Chief among them is remote browsers, a.k.a. browser isolation, which Gartner has identified as one of the top technologies for 2017. As Gartner noted, “browser-based attacks are the leading source of attacks on users,” and browser isolation keeps malware off the users’ system, “reducing the surface area for attack.”
Why You Need Browser Isolation
Many security breaches and incidents can be traced back to web browser vulnerabilities, and new malware attacks targeting browsers continuously emerge.
One example is malvertising, which is growing faster than online advertising, and is being used to deliver ransomware and other malware. In the case of “drive-by downloads,” website visitors don’t even have to click on the malicious ad – just loading the website can infect the browser. Browser isolation technology can help eliminate this threat. (Learn more about ransomware in The Ability to Combat Ransomware Just Got a Lot Tougher.)
As Gartner noted, isolating the browser away from the endpoint keeps malware off the end user’s system, even if the browser is infected. Browser isolation doesn’t just give organizations safe internet browsing, but also protects them from many phishing and spear-phishing attacks: When a user clicks on a malicious email link, the website opens in a secure browser and any malicious processes take place in an environment that’s isolated from the organizational infrastructure.
Think of it like an isolation ward in a hospital for contagious patients. The patient can still communicate with others without putting them at risk of infection, but the germs remain sealed in the ward, until they’re eradicated when the chamber is disinfected. Similarly, browser isolation contains viruses away from the endpoint and allows only a safe data stream onto the user device.
Gartner estimates that by using browser isolation, organizations would reduce attacks that compromise their end-user systems by 70 percent.
The Foundation of a Good Browser Isolation Solution
An effective browser isolation solution provides a seamless user experience while creating an unbridgeable airgap between the user’s device and the insecurities of the internet, allowing all browsing to take place in a safe zone. A feature that can make a remote browsing solution more attractive for IT teams is centralized management. Ideally, IT staff should be able to install and maintain remote browser isolation (RBI) solutions from a central point, instead of managing each device individually.
When choosing a solution to implement, these are some other top features to consider:
Isolating browsing enables the user to browse any website while shielding endpoint browsers from potential threats on that site. Each browser session takes place on a virtual browser, within a dedicated container. When the session ends, the entire container is destroyed, along with the browser and any malicious code from the site.
Some purportedly remote browser isolation solutions are, in truth, fairly local. Locating a virtual browser within the organizational network can lead to disaster if malware leaks or escapes. That’s why the best RBI solutions locate virtual browsers in the cloud or the network DMZ.
As internet users, we are very spoiled: The slightest delay in load time or responsiveness sets users running to lodge helpdesk complaints. With a good browser isolation solution, users should experience websites as fully responsive in real time, with all text, images, video, audio and interactive functionality – just minus the malware.
Built-In File Handling
Downloading files is an essential website function for almost all users. But today, innocent-seeming files can carry malicious code from the web to your endpoints, and from there to organizational systems. While many remote browser isolation solutions work with file sanitization solutions, only a select few have them built in from the start, saving IT budget, time and effort required to purchase and integrate another solution.
Clientless and Device-Agnostic
A clientless solution makes both deployment and management simple. It requires no installation or plug-ins, and IT overhead and complexity are minimal since there’s no need for individual setup at each endpoint. With a device-agnostic technology, end users have a seamless web browsing experience, regardless of what device, operating system or browser they use.
Building a remote browsing solution on Linux infrastructure provides it with an additional layer of security. As the dominant OS for businesses, organizations and governmental institutions, Windows servers are most frequently targeted by malicious actors. In contrast, Linux was built from the ground up with security in mind. (For more on Linux, check out Linux: Bastion of Freedom.)
As with any cybersecurity technology, browser isolation is not a fail-safe strategy by itself. In today’s threat environment, no single defense can protect an organization one hundred percent. Within the context of defense-in-depth, what browser isolation does is limit the potential chaos and destruction that can result from an attack.
With this new paradigm among security professionals – that attacks are inevitable – reducing the attack surface is a smart strategy. Adding a browser isolation solution to your firewall, anti-virus and other defensive solutions can take organizational security to a much higher level.