Isolation is an increasingly popular endpoint security strategy, and with good reason. It reduces risk by separating endpoint attack vectors from cyber criminals. Browser isolation is one of several isolation approaches. (Application, virtual and physical air gaps and virtual desktop infrastructure/VDI are others). Its concept is simple: move Internet activity away from a company’s local networks and infrastructure. Instead, users access the web via a browser application running on a locked-down virtual machine in the cloud.
Here’s a look at how cyber attackers, users, and IT administrators view the pros and cons of browser isolation.
No doubt about it, the web is one of the main ways attackers distribute malware and gain entry into the endpoint. Browser isolation eliminates this path by blocking malicious web content. But it leaves other vectors completely exposed. Cyber criminals can easily trick users into downloading and running malware from email, for example. In fact, some studies show that 92% of malware is delivered this way. Attackers can also target the end-users’ OS directly, other applications, external hardware like USBs, and browsers that aren’t covered by the remote browsing solution.
As anyone who has been blocked from accessing the web knows, job productivity and satisfaction can take a massive hit. So having open web access with security is a big plus for end-users. That’s not to say there aren’t frustrations associated with browser isolation. Performance suffers because every time you open a browser, it first has to hop through the isolation application. Reliability can also be a problem, particularly when the application isn’t keeping pace with browser updates. You never know when you’ll run into websites and web services that simply won’t work with it.
IT administrators love that browser isolation applications are easy to deploy. But its simple implementation is offset by the burden of having to mitigate all those compatibility issues, handle additional attack surfaces and deal with personal traffic. For instance, if a user is at home browsing YouTube videos, all of that traffic would go through the browser isolation service. This raises privacy, liability and cost concerns as the organization pays for every MB of traffic going through that service.
THE BOTTOM LINE ON BROWSER ISOLATION
Web-based attacks aren’t going away any time soon – or at all. Blocking them with browser isolation is a good start. But it only solves a small part of the endpoint security problem. There are too many other ways to infiltrate the endpoint.
We are running a series featuring “3 perspectives” on multiple endpoint solutions. Check out our other blogs featuring 3 perspectives on app sandboxing and EPP.