- Browser isolation: Secure, user-centric browsing isolates phishing links, plus high-risk and lightly-trafficked websites
- Context awareness preserves native browsing for low-risk websites and trusted online enterprise resources
- Browser isolation fully quarantines web downloads, which comprise most attacks, yet are handled poorly by remote browsing proxies
Everyone wants a safe web browsing experience, but nobody likes overprotective barriers that restrict them from productive Internet usage or alter business workflows to the point of inconvenience or diminished productivity. When it comes to browser isolation, web protection should be applied intelligently and only when risky activity is involved.
If your web usage at work is anything like mine, you typically visit the same set of bookmarked sites on most days: news, cybersecurity, enterprise resources like Office 365 and SharePoint, Salesforce, OneDrive, and maybe Gmail or an occasional top-name ecommerce website. While malvertising is real and can theoretically victimize any legitimate ad-supported website, the chances today are very slight that a major news or ecommerce site will be compromised to the point of delivering browser-borne malware or exploits to visitors, and even smaller for an enterprise resource site.
So, let’s stipulate that we can explicitly trust the top 1,000—or even the top 10,000—global websites and allow our users to browse these sites natively without isolation. For URL links in email and chat programs, lesser-trafficked sites, new domains, and sites with poor reputations, we’ll use browser isolation to eliminate their more substantial risks.
Bromium Secure Browsing—part of the Bromium Secure Platform—isolates risky websites, like those from phishing links and random web searches. Bromium Secure Browsing isolates web-borne threats and browser exploits using hardware-enforced micro-VMs, so you don’t have to rely on detection or restrictive website blacklists. Each browser tab opens inside a unique, single-use micro-VM, isolated from all other tabs, the host PC, the internal network, sensitive files and processes. End users can browse using native Chrome for safe sites, and conduct isolated browsing for risky sites, including suspected phishing links and uncategorized websites.
This flexibility allows for complete access outside of the micro-VM environment for trusted websites via policy—as recommended by Bromium or using your company’s own whitelists. Secure Browsing also protects your intranet from cross-site scripting and other vulnerabilities, allowing for network isolation against external threats while offering special protection to essential Cloud/SaaS services.
Browser Isolation is Only Half the Picture
Remote browsers do a pretty good job stopping browser exploits and fileless web-borne malware, but they do little to solve the much larger problem of malicious file downloads. With improved security built into modern browsers, Bromium customers have been reporting a significant shift to file-based attacks. Most phishing links ultimately aim to download a malicious file—sometimes via direct download—perhaps because many users perceive little risk in clicking on a web link as compared to opening an attachment. Here’s where the remote browser providers fail. Users expect to download the actual documents they’ve selected, not remote renderings or sterile PDF substitutes. Relying on detection alone for downloads doesn’t offer adequate protection, rendering most remote browsing solutions ineffective . Bromium isolates web downloads so that users can work safely with them, delivering files functionally intact in their native formats, and using proper full-featured applications.
Web Security When You Need It
Never heavy-handed, Bromium focuses on risky web activities that can lead to devastating breaches. Bromium Secure Browsing does browser isolation right—employing isolation in a risk-based context only when it’s needed, allowing native browsing the rest of the time, but always isolating risky browser downloads—delivering clear benefits over remote browsing proxies, allowing organizations to:
- Safely open any web link and view any website without fear of watering hole attacks, email phishing links that drop malware, or exploits that span multiple browser tabs
- Keep malware off your endpoints using micro-virtual machines to isolate and contain malicious activity, terminating malware when the browser tab closes, while preserving rich forensics
- Allow users to browse natively for safe and well-known sites, reserving browser isolation for risky sites from phishing links and unknown URLs
- Ease IT strain and restrictive access controls while eliminating the need for website blacklists, and quickly deploy flexible, granular access policies for individuals and groups
Bromium browser isolation is there when you need it for risky sites, stays out of the way for safe sites, and always isolates file downloads that perpetrate most attacks. Bromium empowers your users to click with confidence for a safe and productive web browsing experience!
*** This is a Security Bloggers Network syndicated blog from Bromium authored by Michael Rosen. Read the original post at: https://www.bromium.com/browser-isolation-bromium-eliminates-risk/