Dealing with phishing attacks from email is one of the largest challenges facing security teams and systems analysts all over the world. There is a plethora of different vendors and different technologies out there that promise to be able to stop threats like phishing, ransomware and Business Email Compromise coming from email. But the fact remains that most technologies fail to stop phishing emails from making it into user inboxes.
Menlo Security offers protection against these threats with Browser Isolation. They have developed a technology that they promise can remove up to 99% of data breaches impacting an organization.
This article will cover why organizations are at risk from email attacks, what Browser Isolation is, and how Menlo Security can protect businesses against phishing.
Why are businesses at risk from phishing attacks?
In the last few years email has grown to be the most popular and most lucrative attack vectors for cyber criminals, bad actors and hackers. This is largely because email is so ubiquitous as a communications tool and because technologies designed to protect businesses against email threats are unable to stop them from reaching users’ inboxes.
Phishing attacks aim to trick users into clicking on a malicious link or downloading a malicious file attachment. These attacks are often highly targeted and are becoming more sophisticated, making it difficult for even the most security conscious users to spot a phishing email from a legitimate email.
Email Security technologies find it difficult to detect these threats because they often do not appear to be obviously malicious. Email Security solutions typically utilize third party threat intelligence to determine if email attachments or URLs are malicious. If the threat is a new ‘zero-day’ threat, which is not flagged by the filters, the email will be delivered to email inboxes.
The risk from phishing attack have meant businesses have needed to invest more heavily into more advanced email security solutions, and into security training for their employees. This is crucial to meet compliance regulations and help to protect data and employees.
However, Browser Isolation is a new security approach which aims to help businesses deal with the threat of phishing attacks.
What is Isolation?
Isolation is a new approach to business security, which moves away from a model of detecting cyber security threats and blocking them. Instead, all web content is fully isolated on secure servers, and rendered to users. This removes threats from malicious web pages, and file downloads from reaching user’s devices and business networks. The main aim of Browser Isolation is to provide complete protection against web based threats while keeping a seamless user experience while browsing the web.
Isolation delivers a remote browser to their users, which is hosted on a physically isolated server built to handle cyber risks. This means that end users can continue to use the web without disruption, able to view dynamic web pages as they normally would, and use controls such as copy, paste and print. It normally does not require any endpoint clients or software to be installed, is quick to deploy and is scalable.
Menlo Security provides an Isolation service. It renders dynamic web pages to users that isolate all web based threats including malware, viruses and ransomware. It also protects against malicious downloads, by giving users a fully safe rendered version of any web based downloads.
How can browser isolation stop Phishing Attacks?
Browser isolation can protect users against phishing attacks in two ways.
Email Link Isolation
All web content is isolated away from the user device and executed in a cloud isolation platform. This means that any malicious links delivered within email are scanned and isolated, so that only safe and authorized content are delivered to end users.
In addition, based on admin policies that have been set, URLs that are classified as risky or unknown are opened in a ‘read-only’ mode, which means that users cannot input any text on the page. This alleviates the threat of credential theft, by stopping users from filling out forms on unsecure web pages. Some vendors will also display warnings on malicious web pages, which helps to train users on what a phishing page looks like and helping them stop making a similar mistake again.
Email Attachment Isolation
Market leading browser isolation vendors will also isolate contents in email attachments. This means that when a user receives an email with an attachment, the document can be viewed with 100% safety in Isolation, without disrupting the end user experience. This helps to prevent any malware or ransomware infecting business networks from email phishing attacks.
The document can be viewed as normal by users, but any threats will be fully removed. Admins can also give users the ability to download a safe, macro-free version of the document, which means users have no workflow disruption without any threats being able to enter the business network.
Summary
Isolation provides businesses with an effective way to block phishing attacks, by isolating threats within URLs and attachments. This is a whole new approach to the phishing problem, moving away from the angle of detecting threats, and towards a ‘zero-trust’ approach of using Isolation to remove the threats entirely.
If you’re interested in reading more about the different Isolation vendors on the market, visit our Browser Isolation category.
