What is Browser Isolation?
Isolation is an approach to web security which focusses on isolating online threats, rather than blocking access to them.
The effect of this is that when an employee visits a malicious webpage, or clicks on a malicious file download, they don’t have to worry about their devices being compromised, as all activity is isolated.
This is possible because web browsing doesn’t actually take place on the user device itself. Instead, all user sessions take place on a secure server, and a safe rendering of the browser is delivered to the user.
The user itself shouldn’t even notice any major differences when using Browser Isolation. They are able to use their device as they usually would, with no slowdown or lag. However, they will be fully protected from malware, ransomware and any other malicious activity.
How Does Isolation Work?
Remote Browser Isolation technologies fetch and execute web based commands in secure servers. These sessions are rendered on a device, such as a desktop or laptop computer, so as to provide a native user experience, that works with any operating system, device or browser.
The best commercial isolation solutions are fully cloud based and work as a browser proxy. They don’t require any additional clients, agents or browser plug-ins. This means that Isolation can work on any device, and provides a seamless user experience, with no discernible difference between rendered browsing and browsing on the machine. The user should also be able to use all of their normal controls, such as ‘copy’, ‘paste’ and ‘print’.
How is Isolation different to other Web Filtering technologies?
Most web security solutions for businesses on the market take the approach of categorizing URLS as being safe, risky or dangerous using different algorithms. When a website is categorized as unsafe using this approach, the user is blocked from visiting this site.
This approach is effective but can run into difficulty when a user visits a domain that is not categorized, but still has the potential to be risky. Admins have the choice to block these sites, and potentially harm productivity by over-blocking, or allow them and potentially cause security issues.
Isolation means that users can access any website, even if it is harmful, but that they will not be affected by any malicious activity on those sites. On harmful or unknown sites, users are delivered a ‘read-only’ version of the page, allowing them to read content, but not input any passwords or financial information. If they download any attachments, a safe rendering is delivered, stopping the delivery of any viruses or malware.
Benefits of Browser Isolation
Prevents Costly Data Breaches
By delivering a safe rendering of web pages and downloads, Browser Isolation can prevent costly and damaging data breaches. Because all browsing activity is securely isolated, it doesn’t matter if your employees inadvertently visit a malicious website, click on links within phishing emails, or download harmful files. The Browser Isolation technology will safely handle these threats, without harming your machines or breaching your sensitive data.
Doesn’t Impact Device Performance
Isolation doesn’t require any installation of endpoint software or browser plug-ins, so it does not impact the speed or performance of user device. Browser Isolation can also work on any operating system or browser, so you can easily deploy and scales across your organization.
Provides a native Browsing Experience and Increased Productivity
Isolation provides a seamless user experience. Users can log into their devices, open Chrome, Edge, Safari, or any other browser they may wish to use, and continue to use the web as normal, without any webpages being blocked because of malware. They can stream video, visit any webpage, download PDFs, access web based apps and use online Office document. Users can use normal controls, such as ‘copy’, ‘paste’ and ‘print’ as well as searching webpages.
Simplifies Online Security Management
Isolation simplifies web security for admins. It means that they do not have to spend time setting up web control policies, such as whitelisting domains or dealing with requests to blocked websites.
Key Security Features
Blocks Malware
Browser Isolation eliminates web based threats by executing isolation away from end user devices.
They allow users to browse the internet as they need to, without having to worry about malicious downloads or unsafe webpages.
Protects Against Phishing Attacks
Using Browser Isolation, users can open links in emails without needing to worry about phishing attacks. All email links are opened in the secure isolated server, which prevents users from downloading malware or ransomware which originates from phishing emails.
This helps to mitigate the risks of harmful phishing attacks, which are the largest type of threats facing organizations at the moment.
Prevents Credential Theft and Data breaches
Browser Isolation protects employees against being hacked, having their credentials stolen, or experiencing data loss. Admins can set a ‘read-only’ mode and warnings on suspicious pages or unknown pages. This means that readers are only unable to accidentally type in their account information or passwords.
In addition, admins can prevent data loss, by ensuring that when using isolation, users are unable to upload files to malicious websites.
Document Isolation
Browser Isolation renders documents such as PDFs and Office Files to the user. This helps to block the malware and ransomware attacks that can be delivered through malicious files.
According to admin policies, If a user opens the rendered file and sees that it issafe, users can download the original file, and use it as they normally would.
Endpoint Protection
Browser Isolation protects endpoints from web based threats. They should protect against dynamic content, Adobe Flash based malicious operations and all malicious internet based connections. This provides a safe, secure user experience without impacting on the user’s device performance.
Reporting and Forensics
Browser Isolation provides admins with logs and reports directly in the admin portal. This means that admins can analyse attacks that have been stopped.
These reports should help admins see what threats they are facing and see what users are visiting malicious web pages.
Use Cases of Isolation
Protection Against Phishing Attacks
If you receive a phishing or spear-phishing attack via email, Browser Isolation will fully protect you. If you were to click on a link in a phishing email, any malicious download such as viruses or ransomware, would be fully isolated from your files and PC.
If you were to be taken to a phishing website due to an email URL such as a fake log-in page for Office 365, the top Browser Isolation solutions such as Menlo Security will categorize the site as being harmful and display a read-only version of the page, as well as a warning to let you know the page is unsafe.
This means you would be unable to attempt to log-in, and attackers will be unable to view your account details and passwords. Users should have the ability to switch pages so they can log-in however, in the cast that the site was genuine.
Protection for Remote Workers
Browser Isolation can protect any device, wherever it is. This means it provides comprehensive protection against web based threats for remote workers. As Browser Isolation technology is cloud based, and works via proxies, it can be easily deployed to any device, regardless of where the internet connection is accessed.
Browser Isolation works on all devices. This means if your employees work remotely, they will still be protected, as the Isolation takes place regardless of whether or not you are on company premises. Employees work at home with complete security, or even work on an unsecure Wi-Fi Network, such as at a coffee shop, with zero risks.
