Internet-borne threats such as ransomware and other malware are wreaking havoc on enterprises, large and small. As organizations further integrate the web to run front- and back-office operations, the reliance on browser-based and mobile applications only amplifies security risk and vulnerability.
Each day, new strains of malware are penetrating IT security infrastructure and processes, thus impacting, if not disrupting business. Even the most proactive, security-minded enterprises have been compromised.
According to the Ransomware Damage Report published by Cybersecurity Ventures, it is predicted that ransomware damage costs will exceed $5 billion in 2017, up more than 15 times from 2015. In a survey reported by cybersecurity experts Imperva, 59% of 170 security professionals who recently attended the RSA 2017 conference expressed that the most significant effect of a ransomware attack was the downtime experienced due to lack of access to systems.
Organizations are spending a staggering amount of money in the aftermath of an attack; more than $3,000 per day for up to 30 days to mitigate and recover from such occurrences, citing a report from Solutionary.
Today’s security technologies offer a patchwork of applications and systems such as proxies, filtering, and blocking solutions to help detect, deflect, or impede cyber-threats launched via web and email. The challenge with these solutions is that most are reactive in scope.
As ransomware techniques and malware continue to evolve, it is becoming more difficult for existing anti-virus, firewalls, and other types of “detect and block” solutions to deliver the utmost in security.
In fact, according to the FBI, organizations should spend less time on detection and focus on two main areas:
- Prevention – awareness training for employees and robust technical prevention controls
- Business Continuity – creating a solid business continuity plan, including daily backups and verification
Let’s take a closer look at prevention. With internet-borne threats easily propagated from a single click or file download, enterprises need a way to contain, or isolate, browser sessions from the endpoint device and network. This is the essence of browser isolation.
Isolated Security
Fully complementing existing IT investments, browser isolation secures users from malicious web content, eliminating the threat vector of the myriad of strains. This new approach provides the highest level of security without burdening IT with endpoint installs and costly maintenance. Most importantly, it provides a transparent solution for users – they can access web-based applications and browse the internet using any device without the possibility of interfacing with rogue links and files.
Zero Endpoint Administration
Browser isolation offers a clientless approach, meaning there is no endpoint installation required. This gives enterprises the flexibility to utilize HTML5-based browsers on any operating system and device. The browsing session is executed inside a one-time, disposable container in a remote “safe zone”, ensuring any potential malware is fully contained and disarmed in a demilitarized zone (DMZ) – never making its way to the device or network.
Secure User Experience
While the virtual browser launches in an isolated environment outside of the network, users do not notice anything different. There is no performance degradation or latency. Once the session is closed, all activity and browsing history is wiped. Unlike threat detection and remediation solutions, browser isolation technology enables enterprises to deliver a more transparent solution without compromising security.
File Containment
Malware comes in all shapes and sizes. In addition to links, nondescript file downloads offer a clever payload to launch a cyberattack. Attacks employing email-based ruses such as the Locky virus in 2016 targeted companies leveraging Windows scripts. Once the email attachment was opened, the script file executed a CryptoWall rendered the endpoint device inaccessible without paying a ransom to decrypt the files that were locked. In an isolated browsing environment, files are made available after they are cleared of any potential malware.
Unsafe browsing has posed multiple risks that go beyond the capabilities of standard “detect and block” methods used by conventional solutions. All it takes is one click on an innocuous link or email to simply hand over the keys to hackers. For most enterprises, the fact that they have not yet been affected by a cyber-threat does not mean that they are any less vulnerable.
Unfortunately, it is not a matter of if but when. The practice of prevention as part of a layered defense is at the forefront of browser isolation, thus helping to ensure the safety of enterprises worldwide.