Why remote browser isolation is core to zero-trust security

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – August 3. Join AI and data leaders for insightful talks and exciting networking opportunities. Learn more about Transform 2022

Providing internet access to users while protecting against web attacks is the most persistent security challenge organizations face. Unfortunately, the web has become cybercriminals’ attack surface of choice. It takes minutes for cybercriminals to create fraudulent landing pages and websites to drive phishing, malware, credential theft and ransomware attacks. In addition, cybercriminals are always sharpening their social engineering skills, making phishing and spoofing attempts difficult to spot.  

Web is the attack surface of choice 

Google’s Security Team saw a large jump in Chrome browser exploits this year and say the trend continues in 2022. A Google Security blog provides a detailed look at how security teams track exploits and identify zero-day attacks.

The increase is driven by Chrome’s global popularity and Google’s improved visibility into exploitation techniques. In addition, they’re seeing more zero-day exploits in the wild and have set up Project Zero, an internal team, to track zero-day exploits attempted. Zero-day vulnerabilities are those not known to the public or Google at detection. Google’s Project Zero Team recently released their findings of zero-day bugs by technology.

Malware, ransomware and phishing/social engineering attacks grew significantly in 2021 and continue to grow this year. All three approaches to attacking an organization are getting past current antivirus, email security and malware applications. Ransomware will cost victims approximately $265 billion by 2031, with a new attack occurring on average every two seconds. Cybersecurity Ventures finds that cybercriminals are progressively refining their malware payout demands and exportation techniques, contributing to a predicted 30% year-over-year growth in damage costs through 2031.

Phishing attacks continue to grow as cybercriminals look to exploit weak and sometimes nonexistent web access security at the browser level. For example, Proofpoint’s latest State of the Phish found that 15 million phishing messages with malware payloads were directly linked to later-stage ransomware. Hackers rely on Dridex, The Trick, Emotet, Qbot and Bazaloader malware variants most often. Additionally, 86% of organizations surveyed experienced a bulk phishing attack last year, and 77% faced business email compromise (BEC) attacks. 

Why CISOS are turning to remote browser isolation for zero trust  

Reducing the size of the attack surface by isolating every user’s internet activity from enterprise networks and systems is the goal of remote browser isolation (RBI). CISOs tell VentureBeat that the most compelling aspect of RBI is how well it integrates into their zero trust strategies and is complementary to their security tech stacks. Zero trust looks to eliminate trusted relationships across an enterprise’s tech stack because any trust gap is a major liability. RBI takes a zero-trust approach to browsing by assuming no web content is safe.

When an internet user accesses a site, the RBI system opens the site in a virtual browser located in a remote, isolated container in the cloud, ensuring that only safe rendering data is sent to the browser on a user’s device. The isolated container is destroyed when an active browsing session ends, including all website content and any malware, ransomware and weaponized downloads from websites or emails. To prevent data loss, policies restrict what users can copy, paste, and save using browser functions, such as social media or cloud storage sites. No data from SaaS sites remains in browser caches, so there’s no risk of data loss via the browser if a device is stolen or lost.

Considered a leader in providing a zero-trust-based approach to RBI, Ericom’s approach to RBI concentrates on maintaining native-quality performance and user experience while hardening security and extending web and cloud application support. For example, their RBI isolates websites opened from email links in the cloud, so malware can’t enter endpoints via browsers and halt phishing attempts. It also identifies and opens risky sites in read-only mode to prevent credential theft.

Additionally, Ericom has developed a unique RBI solution called Virtual Meeting Isolation that allows it to seamlessly isolate even virtual meetings like Zoom, Microsoft Team Meetings and Google Meet, to prevent malware and exfiltration of confidential data via the meeting. Ericom’s RBI can also secure endpoints from malware in encrypted sites, even IMs like WhatsApp. Every RBI vendor takes a slightly different approach to deliver secure browsing with varying user experience, performance, and security levels evident across each solution. Additional RBI vendors include Cloudflare, Menlo Security, McAfee, ZScaler, Symantec and others. 

CISOs interviewed for this article also told VentureBeat via email that RBI works when securing endpoints by separating end-user internet browsing sessions from their endpoints and networks. In addition, RBI assumes all websites might contain malicious code and isolate all content away from endpoints so no malware, ransomware or malicious scripts or code can impact a company’s systems. One CISO says that his organization uses four core criteria to evaluate RBI. The first is the seamless user experience, a core requirement for any RBI solution to be deployed company-wide. The second is how consistently the system delivers the user experience. CISOs also look for how hardened the security and policy features are. The fourth factor is how deep the functionality and applications support is. These four criteria guide the selection process for RBI solution providers with CISOs today.

The future of RBI 

Web access is necessary for every business to stay competitive and grow, making it the most popular attack surface with hackers and cybercriminals. As a result, CISOs want zero trust in the browser and session level with no degradation in user experience or performance. RBI’s rapid advances in secured containers, more hardened security, and a wider variety of functions deliver what CISOs need. The goal is to provide an air gap between a user’s browser sessions and enterprise systems. Leaders in providing RBI systems ensure their solutions can be complementary and scale with security tech stacks as they move toward zero trust.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Source: Read Full Article