Browser Isolation provides businesses with security against web based threats by isolating their browsing activity away from their physical desktop. Browser Isolation has been described as ‘the most effective way’ to improve your cyber security, and many vendors in this market believe that it can totally eliminate all web based threats as an issue for your organization.
The first commercial Browser Isolation technology was launched back in 2010, and since then it has become a leading technology for protecting businesses against web threats, with Gartner arguing that 50% of enterprises will begin to utilize web browsing over the next three years.
But how does this new technology actually work, and how can it protect your employees against threats? This article will explore what Browser Isolation is, how it works, and why it’s a key technology for businesses to consider to protect against web based threats.
What is Isolation?
Browser Isolation isolates users browsing activity, and all of the threats browsers contain, preventing it from affecting from your internal IT infrastructure.
Some view this approach as a modern reimagining of ‘air-gapping,’ an old approach to network security which ensured that a business’ secure IT infrastructure was isolated from the public internet, protecting employees from web based threats such as viruses, ransomware, malicious downloads and unsecure web pages.
Browser Isolation works much the same way. It enables users to use their browsers without needing to worry about web based threats by isolating browsing activity, and the threats associated with web browsing, away from your network.
How Does Isolation Work?
Browser Isolation isolates browsing activity away from end users devices and into a remote server. This server can be on-premises, but not connected to the companies regular IT infrastructure, or it can be delivered as a cloud based service.
This allows the user to continue to surf the web as they normally would, but because the remote browser has been isolated away from the physical desktop and network, they are no longer at risk from web based threats.
There are multiple technologies that deliver browser isolation. The most common way of delivering Browser Isolation is Server-Side Browser Isolation. Server Side Browser Isolation delivers literal isolation of browsing activity, by physically isolating malware and cyber- attacks away from your networks and user machines.
Server-Side models deliver a remote browser to their users, which is hosted on a physically isolated server built to handle cyber risks. This means that end users can continue to use the web without disruption, able to view dynamic web pages as they normally would, and use controls such as copy, paste and print. They normally do not require any endpoint clients or software to be installed.
Key Benefits of Isolation
There are immediate benefits to deploying a browser isolation solution for businesses. Below are some of the benefits of using Browser Isolation to protect your web endpoints.
Reduces Web Based Threats
Isolation stops the delivery of active code to the users local browser and device. This means it blocks web-based infections such as ransomware and advertising from reaching user devices and business networks. The majority of threats facing organizations come from the internet, and so by isolating browsing activity, organizations greatly reduce the risks of attacks.
Gartner estimates that organizations that isolate web browsing will see a 70% reduction in the number of attacks that compromise networks, but vendors we have spoken to, including Menlo Security, have said their customers have seen a 95-99% reduction in successful threats while using browser isolation.
Saves Admins Time
Isolation has benefits over more traditional web filtering solutions in that it is less time consuming and requires less oversight after initial set-up. Traditional solutions usually require admins to whitelist and blacklist pages safe and unsafe webpages for end users to visit. Admins may also have to deal with requests and web based alerts when users have attempted to visit a site that is potentially unsafe.
Browser Isolation remediates this issue by allowing users to access all websites, without needing to worry about threats, as they are isolated away from the user. Like traditional systems, Browser Isolation vendors such as Menlo Security still do offer website classification, so that admins can control the types of pages users can visit. This allows them to set policies around what controls users have on unsafe pages, which saves admins time from having to deal with requests and alerts to investigate.
Increases Productivity
Browser Isolation helps to increase productivity, as it allows users to view the web for research, communication and cloud productivity completely as normal. Using traditional web security approaches, users can find using the web limited by websites being blocked. Using Isolation, users can be more productive by using the web completely as they usually would, without impact on their user experience, while still remaining fully protected from web based threats.
Employees can view PDFs and Microsoft Office files as they normally would, with many Browser Isolation vendors displaying a render of the original file in a ‘safe-mode’ that prevents any threats from being downloaded to the local network. Once a document has been verified as safe, and according to admin policies, users can then download the files and use them as they normally would.
Phsihing Protection
Isolation can help businesses to deal with damaging phishing attacks. The majority of phishing attacks originate via emails, often containing links to malicious phishing websites, or malicious downloads. Some Isolation vendors integrate with email networks to scan these links and attachments and display safe renders to the user, that greatly reduces the risk that even a sophisticated email threat will be successful.
When a user clicks on a file in a phishing email, the Browser Isolation technology will show them a safe render, while anti-virus engines will determine whether or not the original file should be downloaded. If a link within an email is opened, and it goes to a potentially dangerous websites, Browser Isolation solutions such as Menlo Security will display a safe ‘read-only’ version of the page, which does not allow users to enter any account details which would compromise their data.
Comparing Isolation with Traditional Web Security Approches
To discuss how Browser Isolation works, and how it is different to traditional web security approaches, it is useful to compare it to traditional approaches in how they tackle threats and the key feature offered.
Gartner outlines three major categories of web security solutions currently on the market.
- Full Proxy (Cloud Web Filtering)
- DNS Web Filtering
- Remote Browser Isolation
Web Security Defined
Full Proxy (Cloud Web Filtering)
The full Proxy architecture is the traditional ‘Secure Web Gateway’ approach. They filter harmful websites so that internet users cannot access them, and block online viruses and malware from being downloaded to PCs. They can be delivered via the cloud, on premise, or as part of a hybrid solution. This type of approach covers Censornet, Forcepoint, Symantec McAfee and Zscalers’ web security solutions.
DNS Web Filtering:
DNS Filtering is a web security approach that filters internet traffic based on DNS look ups. They filter web pages based on the reputation of domains, so as to stop malicious sites from loading on users’ browsers, protecting them from harmful content. Top vendors in the DNS Web Filtering space are Webroot, Cisco and WebTitan.
Isolation
Browser Isolation renders all browser content to users from secure servers, which means they are protected from web based threats and malicious downloads. Top vendors in the Browser Isolation market are Menlo Security, WebGap and Symantec.
Feature Comparison Breakdown
Cloud Web Filtering | DNS Web Filtering | Isolation |
---|---|---|
Why is Isolation Growing More Popular?
Browser Isolation has been described as the ‘future’ of endpoint security, because it moves away from taking the approach of attempting to prevent breaches, and moves towards containing them. This essentially means that however sophisticated attacks grow, they won’t be able to effect businesses, when your browsing activity is isolated away from your business network it will eliminate the vast majority of threats. Gartner reports that many of its enterprise clients are becoming increasingly frustrated with legacy based approaches to web security failing to prevent web based attacks, and more government bodies moving to remote browsers for greater security.
They won’t be able to stop all attacks of course, such sophisticated phishing attacks (although the best browser isolations can provide strong safeguards against phishing) and insider threats. But for the majority of businesses, Browser isolation provides effective protection against web-based cyber-attacks and malware.
The technologies involved in browser isolation are also becoming far more affordable and much more scalable, meaning they are being adopted by businesses at a much faster rate. When browser isolation as a solution first emerged, it relied on rendering the whole desktop, rather than just the browser, which put strain on servers and made the technology unaffordable and difficult to scale.
Solutions today are far more advanced, with many vendors able to render just the browser and operating system, which is far more scalable.
Browser Isolation doesn’t require any endpoint agents, provides a seamless user experience, is scalable and can support all OS and devices. There’s a strong argument that although interest in this technology is growing at a very fast pace today, it won’t be long before the approach becomes a fundamental security best practice.