Why Remote Browser Isolation (RBI), Why Now?

Author Avatar

by

Posted on June 25, 2021

Want to interview Chase?

Contact

Remote Browser Isolation (RBI) was more of a “fringe” technology when it first came on the scene. I wrote about remote browser isolation a few years ago while working as an analyst. At that time, it was noted as something that was interesting, innovative, and a potential future solution that would be key to extending the defensive edge of an organization. The concept is a powerful one – by moving internet browsing sessions off the endpoint, and instead isolating them in remote network (or cloud) containers, remote browser isolation would protect devices from all bad things on the web. Early versions of the technology had some rough edges as far as performance and user experience, but that was years ago – an eon in cybersecurity terms. Jumping forward to today, security teams have discovered that innovation and hard work have delivered a new class of RBI product that is ready for prime time.

In the last year remote browser isolation (RBI) has been announced as a product offering from a variety of organizations that have lengthy histories as cybersecurity solutions providers. The company I work for, Ericom, has an RBI product and works with well-known partners such as Forcepoint and Netskope, as well as on its own, to bring it to market. Other recognizable brands that are now directly active in the RBI space include Menlo Security, McAfee, Zscaler, Symantec, and, just recently, Cisco and Cloudflare. There are a variety of ways these solutions are offered and in truth many of them are RBI features, not really RBI products. That’s not to say that they are any less useful in the context of extending security controls to the Zero Trust Edge but some of them are features, not products, period. Buyers and users should be aware of that.

But why is remote browser isolation technology suddenly a “thing”? Why have some of the largest and longest serving security providers on the planet started offering this? How does remote browser isolation (RBI) fit strategically into the future state of an organization’s security?

The answer isn’t that complicated. Remote browser isolation is now being offered by these organizations because to be concise, it works. RBI helps to deliver on the threat prevention promise that legacy anti-virus and anti-malware products attempted to provide decades ago. And RBI fits into the strategy of an organization because it extends the defensive plane all the way out to the internet. By using containers and the cloud as part of that extended defensive edge and by functioning as the interface that a user would leverage to operate in the most threatened space there is, the internet, an organization’s security strategy is effectively optimized. Good remote browser isolation solutions do not negatively impact the user experience, but but they do eliminate and negate the most prolific of attack vectors where they operate, the web. It’s basically that simple, and that’s why remote browser isolation is now becoming popular.

Think about things in this way for a second. If you accept that 1) statistically, numerically, historically speaking, data indicates your users will be your most likely avenue for exploitation; and 2) your users are most likely to be compromised by either phishing attacks, credential harvesting, or drive by download malware, then where are attacks most likely to occur? The web, end of story. Therefore, if you can leverage a web security solution that sits between the end users and limits their interactivity with negative web content and the nefarious techniques that hackers employ to execute malicious code and compromise end user systems, you can finally tip the scales of efficacy in the never-ending daily battle we face in cyberspace.

Ultimately, this is the final way that you should think about the value RBI offers: it is around that reality that we operate in a combat environment in cyberspace. If you were looking out across a vast expanse of a combat environment, would it make more sense to try and fight the enemy hand to hand, sticks and fists once they had penetrated en masse within your carefully constructed base perimeter? RBI moves the engagement zone outside of your territory and keeps your home front safe – that’s the value. Fighting inside of your own environment once it has been breached, that is what legacy anti-virus type solutions get you.

Remote browser isolation (RBI), as well as other Zero Trust security controls, are designed to keep the engagement as far from your base defenses as possible. By preventing the enemy from gaining a viable beachhead from which they can move laterally and spread you, in essence, take the high ground and dominate the battlespace.

So, I’ll put it to you – which approach makes more sense?

Engage the enemy on your terms, with you in the power position, or continue to try and “stay ahead of the threat” with legacy anti-virus/anti-malware scanning solutions that we have 30 plus years of proof don’t help you win? Or use technologies that help you take back the initiative from your adversaries?

These are the reasons why RBI, and why now.


Share this on:

Author Avatar

About Dr. Chase Cunningham

Creator of the Zero Trust eXtended framework and a cybersecurity expert with decades of operational experience in NSA, US Navy, FBI Cyber, and other government mission groups, Chase is responsible for Ericom’s overall strategy and technology alignment. Chase was previously VP and Principal Analyst at Forrester Research; Director of Threat Intelligence for Armor; Director of Cyber Analytics for Decisive Analytics; and Chief Cryptologic Technician, US Navy. He’s author of the Cynja series and Cyber Warfare: Truth, Tactics, and Strategies.

Recent Posts

Why the Browser Continues to be the Top Threat Vector Exploited by Cyber Criminals

Actively defending your users' browsers, and not relying on them to recognize threats, using remote browser isolation is critical to protecting your network.

How Well Will Cyberinsurance Protect You When You Really Need It?

Faced with increasing numbers of attacks, cyberinsurers are writing more exclusions into policies and requiring more effective cyberdefenses.

Securing HIPAA – Interoperability versus Data Protection

If proper security for EMR systems are not put in place, there is increase risk of cyberattack, personal data exposure, and costly HIPAA violations.