Bromium Secure Browsing Isolates Intelligently and Maximizes Browser Choice

Web browsing is intensely personal, even at work. Users develop strong preferences, tend to lock in a browser early, and are fiercely loyal to their favored choice. Forcing them to change browsers—or even strongly suggesting it—is often met with resistance, and sometimes with outright subversion by installing and using unauthorized browsers. With the web so dominant in our lives, you can be sure that users will find a way to browse the way they like—so you might as well give them the browser options they really want, all while maintaining the critical high-security posture you need to keep your organization safe from web-borne threats, including web file downloads from any browser.

Web browsing must be genuine. Users typically have little tolerance for heavy-handed security restrictions. They demand a natural browsing experience—the websites they visit must look, feel, and act the way they expect—or they will likely be dissatisfied and maybe even less productive. This seamless user experience is best accomplished by letting users browse natively for routine low-risk web tasks using genuine Chrome, Firefox, or Edge, while automatically isolating high-risk tasks—email phishing URLs, chat links, and unknown sites from web searches—in the Bromium Secure Browser.

We achieve the balance between security and productivity through intelligent browser isolation—reserved only for when it’s needed, based on your specific risk profile—down to the user or group—by way of the Bromium Secure Browsing Extension (SBX), which automatically routes risky websites into the Bromium Secure Browser where they are hardware-isolated from the host PC using virtualization-based security. Safely isolated inside a protected virtual enclave, browser zero-days, Flash and JavaScript exploits, and fileless malware have no place to go—they can’t reach the real PC’s operating system, file system, registry, or the internal network—yet websites render quickly and with key functionality and navigation features intact.

Bromium Secure Browsing Extension for Edge

In Bromium 4.1, we debuted targeted browser isolation with the launch of our Chrome SBX, sensibly starting with the browser holding the largest market position. In Bromium 4.1.4, we followed up with Firefox SBX support, thus covering the top-2 browsers. Now with Bromium 4.1.5, we’ve rounded out the dominant user options with Edge SBX support, bringing intelligent risk-based isolation to the 3 leading modern browsers—notwithstanding recent Microsoft news on the future of Edge—while retaining full isolated browsing in legacy Internet Explorer that Bromium has had for years. According to NetMarketShare data for year-end 2018, these 4 browsers currently hold 89.2% of the Desktop/Laptop market, which should meet the needs of the vast majority of users and organizations—9 out of 10—across industries.

If you’re like me, you might enjoy starting your morning by catching up on world events. Browsing natively in Edge, Chrome, or Firefox, you happen to stumble upon a suspicious-looking website that may or may not host Syrian malware. (Okay, it does.) This website may be explicitly blocked by policy in a blacklist or restricted based on site categorization from a web proxy, but it can still be opened safely in Bromium Secure Browser. This way, organizations don’t have to block access based on “it might be malicious”—they can allow access and still eliminate any risk by isolating the website. As it turns out, this ominous-looking site is not malicious, but I didn’t know that before I first browsed to it, and I definitely wouldn’t open any of the downloadable files without isolation, critical protection you simply can’t get from remote browsing solutions.

This ominous-looking site contains no malicious web code, but you can be sure the downloads do. Bromium isolates them as well!

In cases where sites are not redirected by the SBX automatically based on blacklists or web filters, users can simply right-click any URL and choose Open in Secure Browser to isolate websites for any reason. Key users with ultra-high security needs or heightened risk profiles may even elect to do all (or most) of their browsing in the Secure Browser, just for an added measure of safety. It’s entirely up to you and your Bromium administrator, driven by your specific risk profile.

Even if your users don’t mine the dark corners of the web for nation-state malware in their spare time, more traditional and mundane web pursuits also benefit every day from browser isolation. Bromium Secure Browsing provides unmatched protection for common, high-risk use cases driven by attacks from the outside world from email phishing, chat links, and direct-download URLs. This means you don’t have to isolate everything, keeping an inobtrusive presence and ensuring high user satisfaction. After all, your bookmarks for recurring sites are probably safe—along with your intranet pages, commercial and government web services, standard news portals, and brand-name ecommerce websites. In general, if the link is suspicious or unknown—or has been sent to you from outside your organization—then the safe and reasonable approach is to isolate it to eliminate any potential risk.

Browsing with the Bromium SBX for Chrome, Firefox, or Edge makes policy-based web security easy and automatic—and the Secure Browser can be used anytime you have a twinge of doubt regarding a site’s safety. Remember, surfing today’s web without browser isolation is like skydiving without a parachute, and Bromium provides a full canopy of protection unavailable with any other security solution!

The post Bromium Secure Browsing Isolates Intelligently and Maximizes Browser Choice appeared first on Bromium.

*** This is a Security Bloggers Network syndicated blog from Bromium authored by Michael Rosen. Read the original post at: