Risky Business: Isolate the Browser or Risk Persistent and Growing Threats

Today I had the honor to officially join Isoolate as Chairman of the Board, after having spent months learning about and experiencing this start-up company’s powerful Remote Browser Isolation technology. I have been part of the Internet revolution for over thirty years and have been building cloud-based companies and applications for over twenty years, and in the last ten years have been immersed in cybersecurity that addresses massive enterprise risks.

I met the founder and CEO of Isoolate when I was Chairman of the Board of NETAS, when Halis “Osman” Erkan established breakthrough technology in the field of Privileged Access Management (PAM), taking Single Connect global, and running a public cybersecurity company as being one of the youngest CEO’s in the world for 6 years from 2012 to 2019. Under Osman’s leadership, the company posted record consecutive 22 quarters of profitable growth, established Krontech in the US, and for 3 years oversaw the successful sales activities for Fortune 500 companies.

Osman holds three patents.

The first thing I look for when considering undertaking a responsibility as profound as leading any board is talent, experience, vision and an ability to execute and Osman, and the team he is building, have limitless opportunity, especially given the problems they have identified to solve, and the software they have been developing in a somewhat “stealth mode” for the last few years.

With the advent of the global health crisis, driving more and more Work From Home scenarios for even the largest and most mission-critical enterprises, the time to fully secure a cloud-based workforce is now. The need is immediate. The need is urgent. And while there are many great cybersecurity solutions available, with more being developed, it became evident to me as I learned more about Isoolate and the overall Browser Isolation Technology space that too many CIOs, CISOs, and IT leaders have left out one of the greatest vulnerabilities when it comes to pervasive threats: the humble browser which is now “open” all day, every day, including mobile web browsers and of course desktop browsers which power applications including SaaS solutions.

The vast number of malware and ransomware attacks occur at the edge, on the web browser, and directly target users when they are casually surfing the Internet. Attackers are finding it easy to bypass preventative controls such as signature-based malware scanning, firewalls, and secure web gateways (SWGs). Browser-based attacks are known to be the primary threat vector for attackers who are targeting users with vulnerable web browsers and plug-ins. Web browsers are also the prominent attack surface for phishing campaigns which remains the number one threat in the world. Isoolate can solve this biggest problem with the smart use of RBI and URL categorization technologies and providing a sound phishing isolation solution.

This is stunning: according to Gartner, 49.6% of attacks are browser-based.

Gartner believes that the time has come to isolate browser access from the dangers of the public internet for at least a portion of their traffic which deals with high-risk users and use cases.

Osman and the Isoolate team saw this coming and built software which isolates the user’s Internet browsing activity from the end user’s device and from the rest of the enterprise’s networks and systems.

What is Remote Browser Isolation and how does it work?

·        Remote browser isolation effectively creates an “air gap” between inevitable attacks and the enterprise network, in effect restricting the ability of an attacker establishing a foothold, move laterally within the organization, and breach other enterprise systems to exfiltrate data.

·        Remote browser offerings are a subset of browser isolation technologies that remove the browsing process from the end user’s desktop and transfers it to a designated browser server or cloud-based browser service.

·        The remote browser servers then render the browser content remotely and send a bidirectional stream which represents the rendered session out to the user’s local browser which includes audio, video, and keyboard and mouse interactions back to the session.

How do attackers break through your web browser?

Attackers generally break into the network by means of social engineering to deliver targeted malware, mostly through phishing campaigns or drive-by-downloads to vulnerable systems and people. Once they are in, attackers stay “low and slow” to avoid detection, then map out the organizations’ defenses from the inside and deploy multiple parallel kill chains to ensure success.

Attackers usually target unprotected systems and capture information over an extended period of time. This captured information is sent back to the attack team’s base to be analyzed for further exploitation, fraud, or worse. These attacks or threats are referred to as Advanced Persistent Threats or APT.

Browser are evil unless we tame them.

Browsers can execute huge amounts of code to provide the user with a good web surfing experience. HTML has not changed much in the last decade, which depicts that browsers will perform the same for the coming years. This is a vulnerability as many hackers now have the potential to breakthrough browsers as they become acquainted with the whole system. Predominantly users are attacked through e-mail and web sites.

Going back to Gartner’s research and analysis, they state that through 2022, organizations that can isolate high-risk internet browsing and access to URLs within emails will endure up to 70% reduction in attacks that compromise end-user systems.

By 2022, 25% of enterprises will adopt browser isolation techniques for some high-risk users and use cases, this is up from less than 5% in 2020.

Designed properly, Remote Browser Isolation Technologies – like Isoolate – is easy to use, provides the necessary isolation, and is extremely cost-efficient.

The primary measure Isoolate takes is to detect suspicious links inside an e-mail, whether on a native e-mail client or inside the Isoolate remote browser and disabling user entry to the input fields. By rendering pages in this read-only mode, Isoolate prevents users from giving any sensitive data to the malicious actors, accidentally or by intent.

No More Risky Business: Start At The Frontlines

Isoolate never lets harmful content to be directly downloaded to the user computer. Suspicious content is always opened in the remote browser and contained. Users can download it only after the Isoolate sanitization tools disarm and reconstruct the content. When the user ends her browsing session, the malicious content disappears inside the disposable browser.

Isoolate also prevents internal attacks, which most analysts say drive 50% of cyber attacks today. 50%!

Any un-monitored browser can be used to transfer confidential data through personal e-mail or cloud storage. Isoolate Virtual Browser service is a manageable and risk-free endpoint solution meeting the security requirements especially today as more and more people work remotely.

With isolation, there is zero-risk of malicious code infecting the user operating system and then spread to the enterprise network. Advanced phishing attacks, malware, and ransomware are all contained isolated in remote servers.

Having found a talented and dedicated team, with a great idea, a simple value proposition, excellent technology, and a huge head start on a huge growth market – well, those of you who know me understand why I had to say yes when asked to support Isoolate. It’s prime time for this business and category to grow as there has never been a more important time to secure enterprise assets at scale.

 

Originally published on LinkedIn.