What is Remote Browser Isolation’s role in protecting organizations from highly malicious web-borne threats like ransomware?

Addressing the dangers of web browsing

Browser isolation is an integral part of a Zero Trust approach to cybersecurity. Zero Trust is the state-of-the-art model for cybersecurity today. Instead of relying on perimeters (trusted users and traffic inside, suspicious users and traffic from the outside) and whitelists/blocklists to determine what’s trusted and what isn’t, Zero Trust treats all traffic as potentially dangerous.

Because there is no way to know if internet content is safe, a Zero Trust approach to web browsing means keep all internet content off endpoints and browsers. That is exactly what browser isolation does.

Learn About Remote Browser Isolation

The internet is an inextricable part of how people work today, with employees constantly accessing the web, often across many different devices. But each time an employee opens a web browser to view web content, they are potentially exposing your organization to untold malicious threats. These threats include all kinds of malware, ranging from trojans and ransomware to phishing and more, any of which could cause significant security issues for your organization.

With a Browser Isolation solution, you can separate your users’ web browsing activity from the local network and its infrastructure, thus preventing browser-based attacks on the network, while providing your users with secure web access at the same time. This protects your endpoints and networks from known variants of malware, and more importantly, it also protects them from unknown, or zero day threats, that are often not covered by your traditional detection-based solutions, like the various antivirus software solutions commonly available.

How Browser Isolation works

When a browser isolation solution is in place, any active code or scripts that originate from a website are run within a virtual web browser in an isolated and disposable cloud-based container. This container is disposed of at the end of the browsing session, or after a set period of idle time, or when the user closes a browser tab. This process ensures that no web content—good or bad—ever reaches your endpoints. When the container is destroyed, anything malicious is destroyed along with it, so it cannot cause any harm. Even though this process seems quite different from typical web browsing, the experience for your users is identical to the web browsing experience to which they are accustomed. They simply receive and interact with a clean and safe stream of interactive content, using their regular web browser.

Maintaining a smooth user experience is key to enabling organizations to remain productive while providing secure web access without the risk of web-based threats. Browser Isolation is also sometimes referred to as “Web Isolation”, especially when it uses a virtual machine to deliver its services. When the solution is a cloud based one, using a remote browser in the cloud, rather than running on the end user device, it is called “Remote Browser Isolation”, often referred to as RBI. When it comes to keeping your network safe, RBI is the most secure type of browser isolation, since when a remote browser is used, it ensures that all web traffic is contained and disposed of, and any web-based malware can never reach the endpoint or organizational network at all.

Learn about Web Isolation

How can Browser Isolation – especially Remote Browser Isolation – help secure your organization?

In 2016, Gartner analysts said that it was “time to isolate your services from the internet cesspool”. This is what Browser Isolation is all about – preventing the malicious threats from the web from reaching your organizational network. Using an isolation browser for remote browsing protects organizations and users from the dangers of the web, while also allowing them to get their work done without the obstacles and drawbacks that come with solutions such as whitelisting (which slows productivity, and can miss malware that is hiding on once-safe sites) and employee awareness training (all it takes is one employee who should know better to click once on a wrong link and jeopardize an entire organization’s security). Browser isolation technology is an effective Zero Trust-based answer to preventing many of today’s latest and most pressing web-based security threats.

Benefits of Browser Isolation

There are many benefits of using a robust and dynamic Browser Isolation solution.

Protection from all web-based threats, known and unknown (zero-day) threats

Browser Isolation is a prevention-based approach. This means that it assumes all incoming web traffic is possibly malicious, taking a ‘guilty until proven innocent’ stance. Therefore, it doesn’t rely on merely detecting incoming threats, using methods such as identifying virus signatures, which can only prevent known threats. Instead, the solution runs all active code from the web content outside of the network, whether it is suspicious or otherwise, so that no threat ever makes it to the network or endpoint – even the latest, unknown threats, which could never have been caught through a detection-based approach, due to their lack of known ‘signature’.

Prevents data leaks caused by local web browser caching

When a user opens a web browser and begins to surf the web, data is often stored in the local web browser cache, so that reloading pages is faster and the web page can personalize itself for the user, for example, it may ‘remember’ user preferences, fill in usernames, and address the user by name. While this can greatly improve the web browsing experience, by making the web faster and more tailored to the person browsing, it has a major downside. The browser cache itself presents a data security risk, through which data leaks can occur, from any user device, creating the opportunity for data loss. However, this risk will be removed when using a browser isolation solution, as no local data caching occurs on the end point computer.

Preserves productivity

A good web browser isolation solution provides a seamless internet browsing experience for the user. This ensures that the end user receives nothing but a safe, interactive content stream, so that they can continue to use and browse the web as normal, even using the public internet, without the risk of falling prey to a web-borne threat. There’s no impact to the UX, as the websites being viewed maintain their original look, feel, and functionality. Thanks to this, there will be no impact on the end user’s productivity. Browser isolation technology is so seamless, that your users won’t even know that it’s protecting them, and their web browsing activity will remain largely unaffected.

How to Evaluate an RBI Solution

No more over-blocking

Without a remote browser isolation solution in place, strict content filtering is often used to block access to any type of website or content that could possibly pose a security threat. This is no longer necessary when browser isolation is being used, as all the web content is being rendered in a disposable virtual container. Therefore, users won’t have any issues accessing any of the sites they need for work, which may have otherwise been filtered out erroneously due to particularly zealous over-blocking that occurred with the aim of maximizing organizational security.

Central management

Many browser isolation solutions will provide a central dashboard through which an organization can manage their web security at the network level. This allows the admin to easily manage groups or individual accounts, manage browser activity across multiple devices, and view reports regarding web usage, to manage browser activity.

Reduced need for endpoint protection solutions

Cloud security solutions like Remote Browser Isolation solutions reduce the complexity and costs associated with protecting individual endpoint devices from known and unknown web-based threats. With Remote Browser Isolation, there is no need for endpoint software installation, or exception management, because the virtual containers are running in the cloud, continuously preventing malware and other browser-based threats from ever reaching the endpoints at all. This is a lot easier and saves the time that would otherwise be needed in order to update every instance of software on every single device that connects to the network. It also ensures that protection is provided to the entire network, with no gaps, and it isn’t dependent on every device connected to the network being secure and updated to the latest software version, which is unrealistic for an organization with many users. When employees bring their own devices from home to use at work, such as smartphones and laptops, this is especially important, as these devices will often not be equipped with the software needed for protection, but they will still be connected to the network, presenting a gap through which web-based threats could enter.

Safe file downloads from the web

Some Browser Isolation solutions include a factory-integrated file sanitization solution that uses CDR technology. This ensures that any files the user downloads from the web browser are clean and safe to use. This technology can also be used to sanitize email attachments, to ensure they are free of infected malware. CDR technology essentially neutralizes one of the worst threats to businesses today – the threat of phishing campaigns. These campaigns try to convince end users to open infected attachments with malicious content, often under the guise of being a friend, or a trusted organization, leaving even the most well-educated employees vulnerable to falling for their trick, leading to undesirable consequences for organizational security.

Provide safe access to instant messaging

Instant messaging (IM) tools such as WhatsApp and Facebook Messenger are used by millions of people as an essential part of their toolkit for communicating both with other employees and with third parties. Unfortunately, IM has become a delivery vehicle for malware – and users often aren’t as careful about clicking on links that come in over IM. Having employees access IM via web apps that are routed through browser isolation is an effective way to protect your organization from threats coming in through IM.

Learn About Remote Browser Isolation

Conclusion

There’s no question that the web is an essential part of how we work today, with the majority of business roles requiring constant access to the Internet. But a user’s browsing activity also presents significant cyber threats that can put your whole organization at risk of data loss. Browser Isolation is the key to creating a secure web gateway, with a streamlined web browsing experience, so that your end users can work the way they want, without compromising the safety of sensitive data within the organization. With the right security measures in place, you can create a secure air gap between your users and the web, so that they can continue to browse as needed, and your organization remains safe from harm.

Is Browser Isolation the right choice for your organization? If your employees use the internet, (which they do, of course) then you need to prevent all kinds of threats that come through the web. But, at the same time, you also need to ensure that users are given a seamless web experience, so that they can continue to be productive, and are not restricted from accessing the web resources they need to fulfil their role in your organization. Remote Browser Isolation is a simple and UX-focused way to keep employees, and your organization, both secure and productive.

Browser isolation is a key component of a comprehensive Zero Trust approach to cybersecurity. It should be included in every Secure Access Service Edge (SASE) deployment, which combines network security with network infrastructure in a global cloud-native platform. Instead of relying on network perimeters, SASE protects each user and each app, regardless of whether the user is in the office or remote and regardless of whether the app is hosted on the company’s servers or in the cloud.