Remote browser isolation (RBI) solutions allow you to isolate your web browsing from the rest of your network, thereby preventing any malware from imbedding itself on your device.
From an end-user perspective, it will look like they are browsing the web as normal. However, the browsing itself is taking place in a secure, isolated environment. One way to think about this is as if you are viewing the website through a live stream. You are seeing a live “video” of it, rather than engaging with the browser itself.
Remote Browser Isolation is primarily achieved through the use of containerization or virtualization technology in order to isolate the user’s browsing session from the device they’re using for that session. It’s typically achieved through hosting these browsing sessions through a cloud-hosted remote server. When a user visits a malicious website, any harmful code will be able to run on the user’s device, infecting the device and subsequent network.
RBI technology prevents this by processing the web page within a cloud-hosted browser, before presenting the web page to the user. The web page will be run and sandboxed within this safe cloud-hosted browser, with the connection terminated once the user’s web session is finished. The browser will scan and render, or strip and present, all content on the page before delivering it in a safe format to the user, meaning that the user’s device doesn’t interact with any potential harmful code on the page.
In practise, a user will try to access a potentially malicious site. This request will be sent through the RBI which will evaluate the site and compare it against lists and defined policies. If anything is flagged, then the RBI solution will create an isolated browser session to run the page in. The tool will then connect to the site and load the content safely onto the isolated browser.
There are a few ways that RBI can be deployed and configured. It can either create a rendered image of the web page a user is trying to visit, or it can just remove any malicious pieces of code and just deliver:
While the benefits of having RBI in place to protect your users as they navigate the web–and any potentially dangerous sites–there are some drawbacks to having RBI that need to be considered.
Top Remote Browser Isolation Features
Blocks Malware
Browser Isolation eliminates web based threats by executing isolation away from end user devices.
They allow users to browse the internet as they need to, without having to worry about malicious downloads or unsafe webpages.
Protects Against Phishing Attacks
Using Browser Isolation, users can open links in emails without needing to worry about phishing attacks. All email links are opened in the secure isolated server, which prevents users from downloading malware or ransomware which originates from phishing emails.
This helps to mitigate the risks of harmful phishing attacks, which are the largest type of threats facing organizations at the moment.
Prevents Credential Theft and Data breaches
Browser Isolation protects employees against being hacked, having their credentials stolen, or experiencing data loss. Admins can set a ‘read-only’ mode and warnings on suspicious pages or unknown pages. This means that readers are only unable to accidentally type in their account information or passwords.
In addition, admins can prevent data loss, by ensuring that when using isolation, users are unable to upload files to malicious websites.
Document Isolation
Browser Isolation renders documents such as PDFs and Office Files to the user. This helps to block the malware and ransomware attacks that can be delivered through malicious files.
According to admin policies, If a user opens the rendered file and sees that it issafe, users can download the original file, and use it as they normally would.
Endpoint Protection
Browser Isolation protects endpoints from web based threats. They should protect against dynamic content, Adobe Flash based malicious operations and all malicious internet based connections. This provides a safe, secure user experience without impacting on the user’s device performance.
Reporting and Forensics
Browser Isolation provides admins with logs and reports directly in the admin portal. This means that admins can analyse attacks that have been stopped.
These reports should help admins see what threats they are facing and see what users are visiting malicious web pages.
Use Cases of Isolation
Protection Against Phishing Attacks
If you receive a phishing or spear-phishing attack via email, Browser Isolation will fully protect you. If you were to click on a link in a phishing email, any malicious download such as viruses or ransomware, would be fully isolated from your files and PC.
If you were to be taken to a phishing website due to an email URL such as a fake log-in page for Office 365, the top Browser Isolation solutions such as Menlo Security will categorize the site as being harmful and display a read-only version of the page, as well as a warning to let you know the page is unsafe.
This means you would be unable to attempt to log-in, and attackers will be unable to view your account details and passwords. Users should have the ability to switch pages so they can log-in however, in the cast that the site was genuine.
Protection for Remote Workers
Browser Isolation can protect any device, wherever it is. This means it provides comprehensive protection against web based threats for remote workers. As Browser Isolation technology is cloud based, and works via proxies, it can be easily deployed to any device, regardless of where the internet connection is accessed.
Browser Isolation works on all devices. This means if your employees work remotely, they will still be protected, as the Isolation takes place regardless of whether or not you are on company premises. Employees work at home with complete security, or even work on an unsecure Wi-Fi Network, such as at a coffee shop, with zero risks.