The internet is information at your fingertips – It houses imperative business and productivity solutions and assists us in our day to day lives. Users’ browsing activity and behavior, however, can pose numerous threats to an organization.
Given this fact, how are organizations supposed to protect their high-profile users, data, and systems from constantly evolving web threats?
Remote Browser Isolation
Gartner states that “Organizations that isolate web browsing will experience a 70% reduction in attacks that compromise end user systems.” Remote Browser Isolation (RBI), also referred to as web isolation, is a security measure that separates users’ devices from potential threats posed by their internet browsing behavior by hosting and running browser activity in a remote cloud hosted container, essentially sandboxing the user’s browsing session.
By isolating the browser activity in a container separate from the user’s device, RBI protects data, devices, and networks from threats in order to reduce the attack surface.
Potential threats include, but are not limited to:
How does RBI Work?
When a user accesses a website or clicks on a link, instead of rendering the web content directly onto user’s device, the webpage content will be executed in a remote environment or virtual container.
The remote environment will render the content and only a safe, sanitized representation of the content and potential downloads, will be sent back to the user’s device, ensuring that any potentially malicious elements are confined within the isolated environment.
The isolated environment will typically enforce security measures, such as sandboxing, to contain any potential threats. Should any malicious activity be detected, it will be contained within the isolated environment and will not touch the user’s device or network.
Meanwhile, the user continues with their browser session as they normally would, unaware that it is being isolated.
When would an Organization Utilize RBI?
Remote Browser Isolation is typically utilized on a per use-case basis, with the ability to isolate both users and specific destinations.
Organizations may choose to isolate the browsing activity for a group of high-value users such as its C-suite users, users with access to sensitive data environments, or groups of users that require significant research (Marketing and Research teams, for instance) to prevent these users from downloading malicious files, or clicking on malicious links, for instance.
They may also choose to isolate certain risky destinations, allow safe access to otherwise risky sites, or control certain web applications that may contain malicious files, for instance.
Cisco Umbrella’s Remote Browser Isolation Solution:
With Cisco Umbrella’s Secure Internet Gateway platform, customers can enable Remote Browser Isolation when they add an RBI package to Umbrella SIG’s Secure Web Gateway capabilities. Once enabled, the “Isolate” option will be displayed within SWG rulesets.
There are three add-on packages to consider:
In conclusion, Remote Browser Isolation is an excellent addition to add to the ever-increasing security stack most organizations are adopting.