Security Bytes

Cybersecurity learnings in byte sized posts

Web Isolation – Internet Separation Simplicity

In a previous blog post, I explored how a simple DNS change can keep you safe when at home. Enterprises have many such measures beyond just DNS: firewalls, proxies and IPS all secure users as they access the WWW. The most effective of these technologies is the proxy. During my time at Symantec, we acquired Bluecoat, the Rolls Royce of enterprise proxies: seamless UserAuth, scalability, reliability – the whole works.

Proxies are great at categorizing websites, allowing access to good ones or those approved for business use and denying access to bad ones. The reality is that a new website is spawned every minute, and it’s not possible to stay ahead using categorization. Add to that the false positives and negatives. Users will access the internet, and browsers remain vulnerable to cybercriminal attacks such as browser-borne malware and zero-day threats. What’s more, a company’s internal user may copy-paste sensitive data into another website, application, or physical location. These actions, however innocent in many cases, can lead to a critical data breach.

What is Browser Isolation (BI)?

Browser isolation creates a “gap” between a user’s web browser and the endpoint device, thereby protecting the device (and the enterprise network) from exploitation and attacks. This is a zero-trust approach, in contrast to secure web gateways, antivirus software, or firewalls, which rely on known threat patterns or signatures. While there are many browser isolation techniques, I will explore the one I am familiar with – Remote Browser Isolation (RBI).


Simply put, the original content of the website is never sent to the user’s browser. This is done in one of two ways:

  1. Streaming the website, or pixel pushing. Honestly, the first time I saw this it wowed me: the ability to interact with a website which was simply images. It is not very optimal from a performance standpoint.
  2. Webpage rewriting – removing malicious content before sending it to the user. Efficient and low in bandwidth cost, but it can break UX.

Of the two approaches, streaming offers the most security: no malcode makes its way to the end user’s browser.
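A minimal sketch of the webpage-rewriting approach (item 2 above), added here as an illustration and not taken from any RBI product: it parses a page, drops active elements, event-handler attributes and URLs with unexpected schemes, and re-emits the rest. The element and scheme lists are an assumed policy, and `PageRewriter`, `rewrite`, `safe_url` and `SAMPLE` are hypothetical names.

```python
import re
from html import escape
from html.parser import HTMLParser

DROP_ELEMENTS = {"script", "iframe", "object"}  # assumed policy, far from complete
URL_ATTRS = {"href", "src", "action", "formaction"}
SAFE_SCHEMES = {"http", "https", "mailto"}
VOID = {"br", "hr", "img", "input", "link", "meta"}  # elements with no end tag

def safe_url(value):  # strips whitespace/control chars, which can hide a scheme
    m = re.match(r"([a-z][a-z0-9+.-]*):", re.sub(r"[\x00-\x20]", "", value).lower())
    return m is None or m.group(1) in SAFE_SCHEMES  # no scheme means a relative URL

class PageRewriter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.out, self.removed, self.skip_depth = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_ELEMENTS:
            self.removed.append(f"<{tag}>")
            self.skip_depth += 1  # drop everything up to the matching end tag
        elif not self.skip_depth:
            kept = ""
            for name, value in attrs:
                if name.startswith("on") or (name in URL_ATTRS and not safe_url(value or "")):
                    self.removed.append(f"{tag}@{name}")  # event handler or unsafe URL
                else:
                    kept += f' {name}="{escape(value or "", quote=True)}"'
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_ELEMENTS:
            self.skip_depth = max(0, self.skip_depth - 1)
        elif not self.skip_depth and tag not in VOID:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))  # text is re-escaped, never raw

def rewrite(html):
    parser = PageRewriter()
    parser.feed(html)
    parser.close()  # flush any buffered text
    return "".join(parser.out), parser.removed

# Constructed sample page, not taken from a real site.
SAMPLE = ('<h1 onclick="t()">News</h1><script src="https://ads.example/x.js"></script>'
          '<a href="javascript:x()">More</a><a href="/a/1">Article</a><p>1 &lt; 2</p>')
```

Anything the policy does not anticipate still reaches the browser, which is the gap streaming avoids; anything it strips that the page depended on is where the UX breaks.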

When implemented, RBI can defend against drive-by downloads, malvertising, clickjacking, some phishing attacks and cross-site scripting.

So which one should you pick? It depends on the security needs of your organization. With the increased requirements for internet separation, BI is an efficient way of implementing a secure control with virtually no loss of user productivity.
