- Most breaches start with the user performing a risky click
- Windows 10 and modern browsers are more secure, but still susceptible to risky clicks
- Bromium’s virtualization-based security seamlessly isolates risky clicks inside unbreakable virtual machines
Let’s face it, Internet Explorer, along with its plugins such as Flash, Java, and Silverlight, cannot be used to safely browse the Internet, as these technologies cannot be secured. They are insecure by design. For more on this, see my previous blog entitled Internet Explorer is Dead, Long Live Internet Explorer?
However, Windows 10 running an up-to-date modern browser such as Chrome or Edge is infinitely more secure than running a legacy browser like Internet Explorer. Using Chrome, Edge or even the latest version of Firefox for casual web browsing of sites like Amazon, YouTube, Netflix, Apple, or most well-known sites is perfectly safe. This is not to say that Windows 10 and browsers such as Chrome or Edge can’t be exploited; it’s just much harder to do so, as these technologies have been rewritten from scratch with security top of mind.
For the most part, users rarely stumble across true zero-day Windows or Chrome exploits when casually surfing the web. Most true zero-day exploits for Windows 10 and modern browsers occur with a targeted phishing link that directs the user to a website containing the zero-day malware. These are what we call risky clicks.
Risky clicks come in many forms, such as:
- Links sent via email
- Links sent via IM
- Links sent via social media sites
- Email attachments
On the other end of these risky clicks is zero-day malware that can often breach the defenses of Windows 10 or modern browsers such as Chrome and Edge. This malware is typically hosted on uncategorized websites or legitimate websites with poor security that have been compromised as part of a watering hole attack. While any legitimate website could theoretically be compromised and used in a watering hole attack, it is typically lesser-known business or educational sites that are compromised. It’s unlikely that well-known sites such as Microsoft, Amazon, Google, eBay, Facebook, Marriott, etc., will be turned into malicious sites.
How many times a day does a user in your organization click on a link to a lesser-known website, open an email attachment from an external sender, or download and open files from Internet websites? Is it 1, 2, 5, 10 or more risky clicks that your users average per day? Let’s assume the average user executes 5+ risky clicks per day. If your organization has 1,000 users, that means there are 5,000+ risky clicks that occur every day, 25,000+ every week, 100,000+ every month, and over 1 million every year! Now imagine if you have 10,000 or even 100,000 users or more in your organization. That’s tens if not hundreds of millions of risky clicks that happen every year!
All it takes is a single user to click the wrong link one time and it could become a devastating breach. Given that most organizations are processing millions of risky clicks every year, there’s simply no amount of user education or training that will prevent a risky click from eventually breaching your organization.
Bromium has been using virtualization-based security for several years to help our customers isolate external email attachments and all Internet activity into unbreakable virtual machines called micro-VMs. Opening email attachments and downloaded files and performing all Internet activity in a secure virtual machine is as close to bullet-proof as one can get, short of disconnecting completely from the Internet.
However, if we are honest about using virtualization-based security to run every Internet website in a micro-VM, it can be a bit heavy. It’s kind of like driving a military tank to work every day; surely, you are going to arrive safe 100 percent of the time, but it’s not going to be the most pleasant driving experience!
Bromium Secure Platform 4.1 to the Rescue!
With Windows 10, if you run a decent ad blocker and limit browser extensions to a known good white-list, it is safe to let users browse most well-known Internet sites with Chrome, Edge and the latest version of Firefox.
With Bromium Secure Platform 4.1 we have adapted our technology so that we can selectively and seamlessly apply our military-grade virtualization-based security only when high-risk activity occurs. If a user clicks a legitimate link to their banking website, opens an email attachment from a trusted sender, or launches a legit conferencing tool downloaded from a site such as WebEx or GotoMeeting, we simply get out of the way and let those activities run on the device using the secure modern browser of your choice: Chrome, Edge or Firefox.
Additionally, with Bromium Secure Platform 4.1, we are still protecting all browsers running on your device by isolating into micro virtual machines the risky files that are downloaded from the Internet. For example, if you download a digitally signed collaboration tool from WebEx using Edge, we can let that run on your device. However, if you download a random Word or Zip file from Dropbox using Edge, we can force that to open in a secure micro-VM.
Using new default out-of-the-box policies in Bromium Secure Platform 4.1, we can seamlessly focus our military-grade security on those high-risk clicks! This leads to a much better user experience and simplified deployment. Instead of making you drive a tank everywhere you go, we let you drive the tank or light armored vehicle only when you are in a war zone!
For a detailed demo of how our latest version of Bromium Secure Platform 4.1 brings military-grade security to the masses and safely isolates risky clicks, check out the following video:
The post Seamlessly Isolate Risky Clicks with Bromium Secure Platform 4.1 [Demo Video] appeared first on Bromium.
*** This is a Security Bloggers Network syndicated blog from Bromium authored by Dan Allen. Read the original post at: http://blogs.bromium.com/seamlessly-isolate-risky-clicks-bromium/