Web Isolation

 View Only

Top five reasons to isolate your browser 

Feb 28, 2017 05:52 PM

All organizations know that the cyber threat landscape is getting more dangerous all the time. Yesterday’s amateur hackers who were motivated to destroy machines and wreak havoc have given way to today’s professional adversaries who are mandated to steal data and generate profits.  

However, many of the most sophisticated attacks are coming through the virtual front door of the public internet, and counting on end users to do what they have always done: indiscriminately click on links and visit compromised websites. As noted by Gartner: “Almost all successful attacks originate from the public internet, and browser-based attacks are the leading source of attacks on users”.

While there are numerous web-borne threats that organizations need to thwart, five in particular are fixtures on every security teams’ Least Wanted List:

1.   Zero-Day Exploits

These attacks exploit browser and plug-ins vulnerabilities that are yet to be disclosed, and as such cannot be prevented even with frequent patching. Once adversaries infect the browser, they have access to credentials and sensitive data, and may gain control of the entire endpoint. Research has shown that the window from when a vulnerability is identified to when it is fully eradicated can stay open for up to 10 months.

2.   Drive-by Downloads       

Drive-by downloads are especially worrisome, because they can deliver malware even without users clicking on a link or downloading a file. Simply being on the wrong website at the wrong time is enough.

 3.  Flash and Java Vulnerabilities

Flash and Java are two of the most targeted platforms, and account for hundreds of vulnerabilities each year. Unfortunately for security teams, rumors of Flash’s demise have been exaggerated. As lamented by WIRED: “Flash isn’t dead, or really any closer to it”. And cyber criminals continue to attack Java, largely because many enterprises rely on it for legacy internal applications.

4.   Phishing

In theory, end users could be educated on do’s and (especially) don’ts of safe browsing. But in practice, security training is not effective against phishing attacks, as despite these educational efforts more than 12% of users click on malicious links or disclose sensitive information. As noted by Vanderbilt University’s Eric Johnson: “It seems like in groups of people, particularly inside a corporate firewall, who just click on everything, training doesn't seem to slow them down one iota…It's very hard to get folks, particularly when the deception is pretty good, to really step back for thirty seconds and look at it and say, `Is this something I should be clicking on?’ ”

5.   Ransomware

Ransomware is a rapidly growing type of malware that encrypts files on computers and networks, and extorts funds from organizations in exchange for the decryption keys, leaving the victim unable to access information until a ransom is paid. This type of threat is often delivered by visiting a malicious website or downloading an infected file through the browser.

The Way Forward: Web Isolation

The bad news is that we can expect adversaries to continue to improve their methods as they find new ways to circumvent conventional security solutions. The good news, though, is that organizations can significantly reduce their chances of being victimized by adding web isolation to their security toolbox. Web isolation complements secure web gateways and additional security products to protect against malicious content often delivered by risky and uncategorized websites.

Web isolation, also known as browser isolation or remote web browsing, completely eliminates web-borne threats -- including those listed above -- by executing web pages remotely. In this way, isolation eliminates any malicious web content from reaching and infecting endpoints. 

To learn more about protecting your organization from the onslaught of web-borne threats, visit the Symantec Web Isolation product page.

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Aug 19, 2018 08:08 AM

Hi Richard 

You can use the web isolation proxy built-in capabilities instead of buying another proxy.

You are also can buy the web security service with the web isolation I think it's the best effort.

Thanks

Jul 10, 2018 11:51 PM

Hi Zach,

 

Just want to verify if Web Isolation requires a proxy? Or can I propose the Web Isolation if the user does not have proxy and they only have NGFW?

 

Thank you,

Jun 27, 2018 05:50 AM

Excellent Summary. Thanks.

Related Entries and Links

No Related Resource entered.