
Browser Isolation As An Enterprise Security Control

By Henry Harrison. December 2, 2022. Updated: September 20, 2023. 6 Mins Read

Within the enterprise, the web browser is the gateway for almost every business activity, providing access and control over critical data and services.

As well as providing access to trusted systems and cloud services, the browser’s key role continues to be the access point to the wider internet. In most enterprises, the user can enable almost any website to send complex content for parsing and execution on their endpoint, but in most cases, neither the user nor the enterprise has any real knowledge about the website owner or about their security practices; they may have malicious intent, or the site may be used or compromised by other parties for nefarious purposes.

And yet, as probably the single most complicated piece of software installed on modern corporate endpoint devices, it is no surprise that browsers also exhibit a range of vulnerabilities, leaving them at risk of being targeted by malicious agents.

Because of this, sophisticated web-based attacks remain a significant threat from those whose intent may be to install ransomware, to conduct espionage or even to carry out disruption and destruction.

The vulnerabilities of privileged users

Users whose endpoints are used to access the most critical systems and data pose the biggest threats to enterprises. The archetypal example is the systems administrator (sysadmin): if their machine were to be compromised, the attacker would hit gold, gaining immediate access to all data and all systems within an enterprise.

So, what are the alternatives? The simplest has been to require such users to use two physical devices: one to perform privileged tasks, and the other to access potentially risky web-based content. But there is an array of practical challenges with this approach. First, in many cases the result of a sysadmin’s Google search will be to unearth a particular set of potentially complex commands that need to be tried. For practicality, it is important that the user can copy and paste these commands from the website onto the command line. Secondly, in other cases, rather than Googling, the user needs to follow a link provided from a trusted source: they need the ability to click through, rather than having to retype a potentially long and complicated URL.

The flaws of detection-based security

Browser isolation is a category of security control that gives users unfettered access to the web, but without putting their devices at risk of compromise by malware.  The promise of browser isolation is to provide a better solution – a way to access potentially risky websites from a highly sensitive endpoint device, whilst providing an equivalent level of protection to the use of a physically separate device.

At the heart of the browser isolation solution is a web security model that does not rely on detection. In other words, rather than detecting malicious content, the isolation model assumes that content is malicious unless there is good reason to believe otherwise.

With a detection model (the default for historic web security tools), the response to detection of malicious content is simply to block it. This is not a useful solution if the vast majority of content is to be assumed potentially malicious, and it is precisely the role of Browser Isolation to provide users with safe access to this potentially malicious content.

Browser Isolation – a different model of security

With the browser isolation solution, the first step is to parse and execute the potentially malicious content on a different physical machine. The basic components of how Browser Isolation works may sound similar to the functionality of remote desktop technology. However, there is a critical difference. With browser isolation there is always an element of transformation applied to the original data to render it safe before passing it through to the user’s machine.

Introducing Pixel Pushing

The gold standard of security is to deliver Browser Isolation via a technique known as ‘Pixel Pushing’, which converts the browsed web page into a safe, interactive, live video stream, meaning that the device is now completely “isolated” from the risky internet. This completely removes all risk of ransomware attacks from the web, regardless of the sophistication or frequency of such threats. Instead of going online and potentially coming into contact with malicious, business-threatening code, employees are instead presented with a completely safe video representation of the web.

And just as critically, for the privileged user – be it systems administrator or C-suite executive – the web experience is exactly the same: text appears as text, links are clickable, and multimedia content, including videos, is fully accessible. But with one key difference – the threat of malicious content getting into the network or onto their endpoint is eliminated due to the separation between web and network. Since company endpoints never come into contact with the web, employees can literally click on any link or visit any website without the risk of negative consequences for the organisation.

The need for a hardware-based approach

The challenge with Pixel Pushing is the sheer volume of data generated. It is not feasible to deliver large volumes of data to the user’s endpoint without either substantial data compression or excessive network utilisation. However, cost-effective implementation of these techniques requires dedicated hardware. Using software only means that the cost of video compression is excessive, which makes Pixel Pushing too challenging.

An alternative to a software approach: a variety of techniques collectively known as ‘transcoding’ delivers partial Browser Isolation. It does this by reducing website code into smaller subsets, removing any known malware, and then reconstructing it before sending it back to the user’s device. This might sound effective, but the reality is that transcoding is a porous measure that always lets some of the original web code through, meaning that the threat of ransomware and other malware attacks still persists. When it comes to software-delivered Browser Isolation, security is significantly compromised in favour of usability.

To solve the challenge of scale and usability while maintaining the security levels of Pixel Pushing technology, hardware-based Pixel Pushing browser isolation solutions use dedicated hardware to deliver a scalable and usable experience that doesn’t compromise security.

A growing risk

Today it is not only systems administrators who have access to critical systems and data – an increasing number of enterprise roles involve working with at least one form of sensitive information.

Browser Isolation is therefore not only highly effective protection for users operating workstations with elevated system privileges, but equally can be used to protect endpoints for broader classes of users, to prevent attacks such as phishing emails containing malicious uniform resource locators (URLs).

It is a significant step up in security compared to the extensive web security already typically deployed within the enterprise, both in third-party security products such as proxies and endpoint agents and within existing browser software such as Google Chrome. The technology is well established within the military and intelligence sectors, and is set to play a broader role in protecting enterprises in the near future.

Henry Harrison

Co-founder and CSO


The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
