Browser isolation explained: Understanding how RBI keeps your organization secure

GERRY GREALISH on December 30, 2019 | 663

As a security professional, you’ve worked hard to secure your organization from web-based threats, protecting your network with firewalls, URL filtering and anti-virus software. You have educated your users well - they know not to fall for the more common phishing scams.

But of course, you know that that’s not enough. One false click by a user on an as-yet-uncategorized malicious website or newly minted threat could let in a whole host of nasty ransomware, malware, you name it - things that can turn your whole organization upside-down in a matter of minutes. Consider the impact of your sensitive data flowing into the wrong hands. Think of the time and expense it would take to get your systems back up and running. These are the types of operational issues that lead businesses to close up shop.

 

We’re all at risk

With each passing day, hackers get smarter and develop threats that are much more advanced. What may have been easily recognized as sketchy in the early 2000s (remember those obviously fake pop-up ads?) is more likely to go unnoticed, disguised as something completely innocent on the web or in an email. Today, it’s easier than ever for users to mistakenly tap on a malicious link and allow a silent threat onto their endpoint, and from there, to penetrate your organization’s network.

Methods like spear phishing are particularly effective at targeting specific individuals, tricking them into downloading malware through sophisticated social engineering techniques. And antivirus software, firewalls? They use signature-based protection that effectively detects known threats. But more often than not, the latest, greatest, as-yet-unknown threats can slip by unnoticed. And it’s these new undetectable threats that present the greatest risk.

With traditional web security measures far from invincible, you need additional safeguards in place to protect against the trickier unknown threats that they simply don’t catch. Let’s take a look at Browser Isolation, a relatively new kind of security solution that Gartner, the leading technology analyst and advisory firm, recommends to protect your organization from powerful web-based threats from the very moment they emerge.

 

The browser isolation mechanism

Browser isolation solutions like Ericom Shield use a prevention-based approach to stop threats that target endpoints. Instead of relying on the ability to identify and stop only known threats using signature-based techniques, it stops all malware, even zero-day malware, from ever gaining access to devices, so no web-based threat will ever reach the network.

Let’s delve a little deeper and look at exactly how browser isolation works:

  1. When a user opens a browser or navigates to a site, a dedicated, isolated virtual browser is created. All active code from the site is executed by the virtual browser, including all Javascript, CSS, external links, and potentially malicious threats. Some browser isolation solutions locate virtual browsers in a virtual machine on the user endpoint. This local approach runs the risk of leakage, however. Other solutions locate virtual browsers remotely within containers, either on premises in the network DMZ or entirely outside of the network in the cloud. Remote browser isolation provides the best protection as it minimizes risk of malware contamination.
     
  2. The virtual browser isolation solution renders the site as a clean interactive media stream that is free of active code. The stream is delivered to the user endpoint in real-time, providing (in the best solutions) a completely seamless and interactive browsing experience. Some browser isolation solutions require users to browse only with the solution’s proprietary browser while others work with any standard browser - a huge advantage.
     
  3. When the user’s browsing session is over, the virtual browser and/or container is completely destroyed, along with all active content from the site, including any malicious threats. When a new browsing session is begun, the process is started anew. More sophisticated browser isolation solutions take this approach to another level by opening each browser tab in its own new virtual browser, in its own remote isolated container to prevent leakage and cross site scripting (XSS) attacks.

Some browser isolation solutions also provide protection against email-based threats, a popular vector for malicious attacks. Here’s how that mechanism works: Links within emails are opened the same way as browsed websites. Some solutions may offer an additional layer of protection by enabling uncategorized websites from email-embedded URLs to be opened in “read-only” mode, so unsuspecting users are protected from divulging personal credentials on potential phishing sites.

When it comes to threats buried in attachments offered for download, an effective browser isolation solution will have you covered with integrated CDR (Content Disarm and Reconstruction) technology, which sanitizes every file before it’s downloaded so users are safe from the risk of infection.

Overall, a well-designed browser isolation mechanism provides complete protection from web-based threats. The best solutions also have a net positive impact on productivity, since users can safely browse uncategorized sites that would otherwise be banned, and IT overhead for checking sites and granting exceptions is vastly reduced. Clientless solutions eliminate the time and effort that would otherwise be needed to download and individually update software for every device.

 

Keep calm and carry on [browsing]

Now that you know how browser isolation works, it’s clear how it excels at protecting your organization from all web-based threats. Bottom line: With a powerful RBI solution like Ericom Shield, threats are kept far away from your organization’s endpoints and networks, while your users are free to browse the web as they need to get their work done. In many ways, it provides the perfect balance between security and user productivity.

Author | 8 Blog Posts

Gerry Grealish

Chief Marketing Officer | Ericom Software

Recommended Articles