Almost every company in this increasingly digitalised future depends on the Internet to sustain their business. And no Internet experience is complete without using a web browser as its window to the World Wide Web.
This is something cyber criminals are more than aware of, which makes aiming at employee web browsers such an easy target if they are looking to infiltrate an organisation. The rise of web-borne malware, ransomware and phishing through browsers is a huge concern for many enterprises, and especially for companies when it is hard to control what employees are browsing on a company network.
This vulnerability exists because of the way in which browsers work. It literally executes code delivered from third party websites. When we visit a website, web content is downloaded to our computer and executed locally. This becomes a problem when that content is malicious. Attackers are using specially crafted malicious websites to exploit browser vulnerabilities and infect endpoints.
Conventionally, companies used to enable web gateways to successfully block access to sites well-known to be classified as malicious. Nonetheless, security teams find it challenging to curb access to risky sites as well as uncategorised sites which have limited reputation history. Security policies would customarily either block total access to such sites (which may hinder business productivity) or simply allow access, leaving employees exposed to attacks. This is a significant problem since the millions of uncategorised sites created daily serve as an ideal cover for cyber criminals trying to bypass web security controls.
This may come off as a new concept but web/browser isolation is a cybersecurity model known to protect users against web-based cyberattacks in which a secure network is physically isolated from an unsecured network, while avoiding over-blocking web access. Browser isolation was developed in 2009, and had been pioneered in a military cybersecurity environment.
Many modern web browser isolation services utilise cloud hosting in order to isolate the browsing session from the hardware. The way in which companies would isolate employees’ browsers is to give each of them their own cloud hosted remote browser, a fully functional browser hosted on a cloud server and delivered to the employee over the internet. The employees would then log-on to their hosted remote browsers and browse the Internet through them, rather than the browser on their local machines, thereby physically isolating themselves from web based cyber-attacks.
The technology by default assumes that any website could be malicious, and hence no content should be allowed to be executed on endpoints. Web isolation solutions would provide employees with ‘disposable’ browser environments, whereby once the browsing session is closed, the entire browser is reset to a known good state or simply discarded. Because the web isolation executes web sessions remotely, it eliminates attackers’ ability to exploit the browser as even clicking on infected links will contain the infection within the isolated browser and destroyed soon after. Any malicious code encountered during that session is thus prevented from reaching the endpoint or persisting within the network, regardless of whether or not any threat was detected. In the end, no malware or viruses can be transferred to the computer and employees’ browsing experience is not impacted because the technology is transparent to them, thereby preventing productivity lost.
It seems like a simple solution; physically isolate the browser and you are able to isolate any web browser cyber-attack risks. So why is it that more people are not getting on board this technology yet?
One reason is of its cost. Web isolation technology can come at a price for companies to physically isolate all users’ browsers, depending on the size of the organisation and which remote browser isolation technology they choose to implement.
Web isolation and a Virtual Private Network (VPN) are two very different tools, although both are designed to help you with Internet security.
While web isolation helps you to eliminate malware and viruses from transferring onto your computer by isolating your browsing session on a ‘disposable’ browser, VPNs (although being early adopted by corporations) were mostly used for employees to access the company’s network remotely from home or anywhere outside the office.
That was only the beginning as from there VPNs are now more widely embraced by commercial users. A VPN, like BolehVPN, will help you connect to the Internet through a secure encrypted tunnel to safeguard your Internet connection to protect and anonymise you. It is a service provided by a company which will allow you to connect through their servers in order to send and receive data across other networks as if it was a private network.
The VPN tool is used to secure your Internet connection to protect all the data you send and receive over the Internet to guarantee encryption, mask your IP address on the Internet (aka. who you are on the Internet), safeguard your connection and data exchange of your emails, passwords and files, and anonymise yourself from anyone monitoring your Internet traffic (man-in-the-middle attacks).