The Workspace Isolation Blog

  • Does VDI protect against data leaks? 

    By Tal Zamir. November 9, 2019

    The short answer is simply no. Read more to find out why and to get some tips on how to fix things and get real security while keeping VDI in place (if you have to). In this post, when we use the term VDI, we refer to many different variants of remote desktops/apps, of any […]

  • Win10: 3 Perspectives on Endpoint Security Strategies

    By Tal Zamir. November 5, 2019

    Many businesses rely on corporate-owned Windows 10 devices for securing corporate endpoints. In an attempt to keep cyberattackers at bay, they may try to lock down Windows 10 with a variety of security features, such as Windows Defender (or a third-party EPP/EDR/NGAV solution), Credential Guard (to prevent pass-the-hash attacks), Device Guard (to enforce code signing […]

  • Virtual Air Gap Networks Explained: Air-Gapping A Virtual Machine

    By Tal Zamir. October 24, 2019

    Cyber attacks have become far too commonplace and sophisticated. So it’s not surprising that enterprise employees are continually and unwittingly exposing their devices – and their company’s crown jewels – to risk.  CISOs and IT leaders know they need a more effective way to block sensitive company information from cyber criminals. That’s why they’re turning […]

  • 3 Perspectives on Physical Air Gaps

    By karinerhysolate. October 18, 2019

    A popular endpoint security strategy for users who have access to important data is to implement a physical air gap, also known as “Privileged Access Workstations” (PAW) or “Secure Access Workstations” (SAW).  With PAWs, each end user has a separate laptop or desktop that is dedicated solely to sensitive tasks and information. These devices are […]

  • Three Urgent User Challenges with Digital Transformation

    By Tal Zamir. October 11, 2019

    We all know that organizations going through the digital transformation revolution have to navigate significant technology, culture and workflow challenges. What’s becoming increasingly clear is that, as more of their business becomes digitized, they’re increasingly facing three major user-related challenges that can’t be ignored and require radical new approaches. In this first of a two-part […]

  • The Hysolate Perspective: HP Acquires Bromium

    By Tal Zamir. September 25, 2019

    From app sandboxing to OS isolation: How the endpoint is evolving Last week, HP announced that it has acquired Bromium, maker of an app sandboxing product that uses virtual machines (VMs) to sandbox specific applications, such as browsers and office apps. This acquisition marks another important milestone in the evolution of endpoint isolation technologies. It […]

  • Finding the Balance with Windows Local Administrator Rights

    By Mariel Sable. September 11, 2019

    As a systems administrator, it has always been a difficult struggle to balance Microsoft User Rights Assignments in the Windows Operating System. Too much access on a file system is dangerous, while not enough causes subsequent tickets created at a help-desk. An equilibrium of supportability and security is ideal, yet seldom achieved. Windows Local Administrator […]

  • How Hysolate Mitigates Windows 7 End-of-Life Issues

    By Tal Zamir. August 28, 2019

    The end of the Windows 7 lifecycle is fast approaching: January 2020. This pending “end of life” means Microsoft will discontinue all support, including paid support, and all updates, including security updates. Of course, Microsoft might make an exception for some of its larger customers, but at a heavy price.  What does this mean for […]

  • 3 Perspectives on Browser Isolation

    By Tal Zamir. August 20, 2019

    Isolation is an increasingly popular endpoint security strategy, and with good reason. It reduces risk by separating endpoint attack vectors from cyber criminals. Browser isolation is one of several isolation approaches. (Application, virtual and physical air gaps and virtual desktop infrastructure/VDI are others). Its concept is simple: move Internet activity away from a company’s local networks […]