As organizations rapidly adapted to remote work environments over the past year, the issue of cybersecurity became an increasingly important topic. In particular, one of the most innovative trends in the cybersecurity industry has been the widespread shift to the Zero Trust concept. Cybersecurity company Palo Alto Networks describes Zero Trust as:
…A strategic initiative that helps prevent successful data breaches by eliminating the concept of trust from an organization’s network architecture.
In line with this industry trend, a recent podcast of This Week in Enterprise Tech (TWiET) featured a discussion with David Canellos, the President and CEO of Ericom, on the topic of “Zero Trust in a Remote World”.
Over the past year or two, Zero Trust has taken off in the industry, partially as a result of support from the analyst community and vendors, with an extra push from pandemic-related factors. Industry adoption of Zero Trust architecture has gained significant momentum as many people transitioned to working in remote, distributed work environments on a permanent or semi-permanent basis.
Demand for solutions that enable accessing applications in a secure way and addressing browser vulnerabilities has surged across the industry.
While significant work has been done by browser providers to address vulnerabilities, the reality is that it’s virtually impossible for a browser like Google Chrome to protect its 2B+ users from every website that may contain malware or ransomware or be weaponized for phishing attacks.
In order to address this cybersecurity threat, an approach that is gaining momentum is to isolate browser activity from the internet and instead deliver streams of rendering data for each website, a solution known as remote browser isolation.
Cloud-Based Remote Browser Isolation
For cybersecurity professionals, an ideal world would be one where we all run the same browser and version, which talk to the same backend web servers. In reality, there are many versions of browsers, devices, operating systems, and backend servers.
The innovation of cloud-based remote browser isolation is that regardless of what browser or device is used, the end user can connect to any website in a secure manner without even being aware that website content is never in direct content with their endpoint or browser..
Instead, cloud-based isolation platforms that facilitate this interaction render the website in an air-gapped environment and execute the request securely, remote from the endpoint. For example, if you’re using an old version of Internet Explorer, the remote browser isolation service in the cloud is actually fetching the request instead of the outdated browser that may be vulnerable to attacks.
A safe data stream that contains no active content from the website is sent to the end-user from the isolated cloud down to the browser on the user’s device.
The fact that this is an entirely native experience is what makes it so user-friendly—end-users need no browser isolation client on their endpoint yet still have the same experience as if they browsed the website directly.
Of course, cloud-based Zero Trust remote browser isolation platforms are only as robust as the clouds that host them. For example, the cloud security service provider Ericom has a federated global system of PoPs—Points of Presence—that are interconnected yet on different cloud infrastructures, belonging to different cloud service providers. The platform automatically routes each user’s request to the closest PoP based on proximity. This system is designed so the service is delivered to travel with the user.
Remote Browser Isolation vs. Sandbox Environments
In discussing Zero Trust security, it’s important to understand the difference between remote browser isolation and a sandbox environment.
In particular, most sandbox environments are on endpoints, and content is sandboxed only once it has already reached the device. In contrast, remote browser isolation is done entirely in the cloud, and website content never reaches the device. From a performance point of view, using remote browser isolation feels identical to natively browsing the internet without the service—i.e. same device, same browser, no plugin, and so on. The difference is that the site content is processed in the isolated containers and only a safe data stream is sent to the endpoint.
In terms of security, with remote browser isolation, none of the exploits that might be hidden in website content can make their way to users’ browsers or devices.
Finally, in terms of downloading and uploading files with remote browser isolation, one of the built-in Zero Trust services provided by some Remote Browser Isolation platforms is file sanitization. These file sanitization services use a system called CDR—or Content Disarm and Reconstruct—which takes the file, opens it up, sanitizes anything in the file that could be dangerous, and then reconstructs it for delivery to the end-user. Most importantly, if an end-user downloads a file that may contain malware, the file is sanitized before it reaches their machine.
The Evolution of Browser Isolation
Although remote browser isolation has been around for many years, its application has evolved significantly over the years.
In terms of previous browser isolation solutions, isolation used to be done on the endpoint. For example, a Macbook would segment off a part of the device and execute content locally in that segment, and enable access for the user.
The issue with this approach is that any malware that is present on the website can infect the endpoint device, and will not be limited to the segment where it is supposed to be isolated.
From an administrative perspective, the entire rollout of cloud-based browser isolation can be done within 72 hours. The administrator simply needs to decide on the specific policies they want to apply to end users. For example, the administrator may need to provide researchers with specific access to risky sites and ensure that they are browsed using remote browser isolation. In this case, the admin would just need to provide the correct permissions for these users to access these parts of the internet.
In summary, modern remote browser isolation solutions are unique in that all risky content is browsed in isolated containers in the cloud and no ransomware or malware from the web can reach user devices and from there, infect company networks.