Organisations can no longer rely on traditional web security solutions, so what’s the answer? asks James Derbyshire, Browser Isolation expert for the cloud platform company Garrison.
Since the onset of the pandemic, the security risk posed by employees has increased exponentially as remote work has become commonplace. When working from home employees are able to operate beyond a business’ traditional security parameters, leaving organisations more vulnerable to cyber-attacks and creating new challenges for security teams. Hybrid working means that governments and commercial businesses are even more reliant on the judgement of individual employees who are largely free to decide which sites to browse and which email links and attachments to trust.
This comes at a time when social engineering attacks, in particular phishing scams and ransomware, are increasingly sophisticated and commonplace. According to Verizon’s latest Data Breach Investigations Report , these attacks accounted for over a third (36 per cent) of all data breaches in 2021.
Web‐based attacks are also a growing threat. Google Safe Browsing lists over two million known websites as dangerous. But as this only includes known threats, the real number is likely to be far greater. The result is that security teams are grappling with unprecedented threat levels, in particular targeted attacks against high-risk staff, which could put entire organisations at risk.
The need to rethink traditional security solutions
Historically organisations have relied on detection-based security tools such as firewalls and web filters to keep users safe, but these traditional methods are struggling to keep pace with increasingly complex and targeted attacks. To add to the challenge, these methods are usually ineffective in defending against zero-day attacks, leaving organisations vulnerable to growing unknown threats.
Many companies are choosing to invest in user training to counter this growing problem. But even when equipped with exhaustive training, a conscientious employee can still fall prey to a cleverly disguised social engineering attack. All it takes is one false move from one employee to puncture your security perimeters and give malicious code access to your business-critical network and sensitive data.
Ushering in a new era of security
Security conscious organisations across the public and private sectors are increasingly turning to Browser Isolation to defend against social engineering and web-based threats.
Browser Isolation ensures users’ devices never come into contact with web code, by using a remote machine that accesses the web pages for the user, and then delivers a safe, clean version. For the employees, there is no discernible difference when going online, but the security implications are game changing; by sealing off an organisation’s internal network from risky web pages, Browser Isolation completely removes the threat of attacks.
Protection without compromised access
Cyber-attacks typically target users with access to the most sensitive data or systems. Whereas traditional security techniques focus on restricting web access for these groups, Browser Isolation enables full web access while offering up far higher levels of security.
Full protection against phishing and ransomware attacks
Organisations continue to try to educate users not to click on risky links, but experience shows this has limited long-term success. The reality is that users are not security experts and risky URLs and suspect files are increasingly hard to detect. The use of a Browser Isolation solution removes the pressure from employees, leaving them free to follow links and open attachments safely in an isolated cloud environment, without putting the organisation’s sensitive data and systems at risk.
Unrestricted web access
Traditionally security teams have looked to minimise risk by using URL filtering to restrict access to websites. However, the inordinate number of sites globally (over 1.9 billion at the time of writing) as well as limited security information to guide decision making, means that it is challenging, if not impossible, to classify websites with confidence and at pace. This often results in business frustration if restrictions are too heavy-handed or increased organisational risk if restrictions are too lax.
By containing the web browser in an isolated environment before relaying web content back to the user, Browser Isolation provides users with safe access to the web, regardless of a page’s security status.
Partial versus full Browser Isolation
When deciding on a Browser Isolation solution, security professionals need to choose between partial and full Browser Isolation. These solutions use different approaches to relay the webpage back to the user and as a result offer differing security levels.
Partial Browser Isolation
Partial Browser Isolation tends to use transcoding, a process that turns website code into smaller subsets of information, removes any malware and then reconstructs and sends it back to the user’s device.
In contrast to full Browser Isolation, partial Browser Isolation is a porous solution that always lets some of the original web code through. And since most transcoding providers don’t offer details on what code goes through and what gets stripped out, it’s impossible to know exactly how secure any solution is.
An added complication is that partial Browser Isolation solutions can offer poor compatibility with multimedia content, restricting employees’ browsing experience and therefore potentially also their ability to fulfil their roles.
The Zero-Trust solution
Conversely, Full Browser Isolation takes a Zero-Trust security approach, completely separating all web code from the user’s device, meaning that your company’s central network is 100 per cent shielded from malicious code. Full Browser Isolation handles all web browsing and then feeds the information back as a video stream, known as Pixel-Pushing , much like a virtual desktop solution but with a far superior user experience.
Employees never interact with the original web code, instead only ever seeing a series of pixel images of the web page. This means that unlike the partial Browser Isolation options, an organisation is provided with robust, uncompromised security, while the user is delivered a seamless web browsing experience.
Software or hardware-based solution?
While both software and hardware-based Pixel-Pushing deliver high levels of protection for users, the software option can be processor and bandwidth-intensive, leading to high operating costs. Newer, hardware-based solutions mitigate much of these bandwidth requirements, significantly reducing ongoing costs and improving browsing experience.
Hardware-accelerated Pixel-Pushing has the added advantage of being able to be deployed in the cloud or on-premise. Cloud solutions running on purpose-built hardware can offer the same benefits without the costs of hardware deployment and maintenance, providing a powerful mix of security, usability and compatibility alongside lower costs and management overheads.
Zero-Trust security with uncompromised web access
Today’s threat landscape means that enterprises and government departments can no longer rely on their employees or on detection-based security solutions to comprehensively protect their critical data and systems from attacks.
Browser Isolation delivered through Pixel-Pushing is a Zero-Trust approach that gives organisations complete web security, IT simplicity, and cost-effectiveness, and all without negatively impacting the user experience.