Ericom Browser Isolation
Today, organizations cannot know when and where the next attack will surface and how much damage it will cause. The risk is compounded by the fact that castle-and-moat security no longer exists. Network perimeters are fluid, with no clear demarcation points between “outside” and dangerous, and safely “inside.” Calling the need for Ericom browser isolation with Ericom Shield. Suppose you are new to the capabilities of remote browser isolation and Ericom’s uses of containerization to perform isolation. In that case, you may want to visit the following: What is Remote Browser Isolation? and Docker Container Security.
Ericom Shield. |
|
Before you proceed, you may find the following helpful
The Need For Ericom Shield: The Internet is Chaotic
The internet is chaotic and only getting worse. It was built with the twin ideals of providing a better user experience and easy connectivity. For instance, if you have someone’s IP address, you can communicate directly with them. IP has no built-in authentication mechanism: Authentication is handled higher up the stack. Bad actors take full advantage of the internet’s “trust model,” making attacks, not a matter of “if” but a concern of “when.” This norm is the devil’s bargain we have accepted in exchange for convenience and easy connectivity.
Today, with virtually nothing secure, we must strive for solutions by looking at the whole problem from a new angle. Previous solutions don’t provide enough protection from today’s highly evolved hackers. With this being said, it is always better to be safe than sorry, especially when keeping confidential files safe.
Fortunately, however, we have reached a significant evolution in security technology with the introduction of Ericom’s Zero-Trust Remote Browser Isolation (RBI) solution ( Ericom Shield ). Now, for the first time, we can say that browsing is more secure than ever. However, if you have unfortunately been hacked or contracted a virus and, as a result, your computer isn’t working. There are numerous computer repair companies out there that can help with just this sort of thing.
Cyberattacks: It’s all about the money
Or at least mainly, since politically-motivated attacks are on the rise. But let’s look at what might motivate a bad actor to hack into a private healthcare system. Once an attacker is in, he gets access to all members’ or patients’ financial, insurance, personal, and bank account information. Each record is valuable in the black market, much more than credit card details. You can’t undo your health history. Hence, bad actors can blackmail or pressure targets for monetary gain – which does not stop them from rolling the information on the dark web for additional profit.
Ericom Shield with Ericom Browser isolation
Realistically, perfect, airtight security will always remain just beyond reach. When you are surfing the internet, there’s no way to be sure that the site you plan to visit is safe – you can’t trust any site. And white- and blacklisting can’t help: So many sites arise and disappear so quickly that there is no way to catalog them all in advance.
Attackers evolve and adapt their techniques at a rapid pace with which defenders cannot keep up. Discussion on the defense side gravitates toward “how quickly can we respond?”. This reactive posture is dangerous when dealing with, for example, malware that penetrates internal networks. First, there is a risk of not being able to establish barricades to keep malware out; the lateral spread of malware throughout the network compounds the threat. Even if you can eventually catch the malware, searching, cleaning, testing, and shutting resources down until they are clean involves crushingly high costs.
Therefore, to strengthen security postures and protect an organization’s valuable assets, there is a dire need for a new paradigm. And that new paradigm is zero trust + RBI. Zero trust is about ‘not trusting’ any process, network, user, or device and ensuring that every connection in the chain of events is authenticated. RBI, on the other hand, is about stopping all threats. RBI complements the zero-trust story by adding another brick in the wall and filling the internet gaps that zero trust leaves open.
Types of internet-based attacks
The internet browser is one of the primary attack vectors today, as many of the most aggressive hacking trends demonstrate. Existing solutions do not successfully protect against the constant influx of innovative threats that attack via web browsers.
- Phishing
The average lifespan of a phishing site is around 6 hours. By the time you can hunt, identify and protect against many of these sites, their short lifespan is over. Phishing usually starts with an email that lures the user to click on a link. The link can be for a download or navigation to a site. Phishing sites automatically download malware through drive-bys or are spoofed sites designed to gather credentials.
- Drive-by downloads
Drive-by downloads can happen on innocent sites that have been injected with malware with the intention of hacking users’ sessions and on dedicated phishing sites. The hackers attempt to penetrate sensitive data in the user’s organization by reverse-engineering the connection.
- Malware
Recently, bad actors have raised malware to unprecedented sophistication and impact. Malware campaigns can now be automated without any human intervention. The devastating effect of Nyetya on more than 2000 Ukrainian companies is terrifying evidence.
Malware comes in a variety of forms and file types. File sanitization solutions are essential to protect against malware in files downloaded onto endpoints. However, they are powerless against malware that enables hackers to watch the keystrokes as people enter data in forms and gain access to credentials.
The Ericom Shield RBI solution safeguards against this by allowing suspicious sites (i.e., spoofed/phishing sites) to be opened in read-only mode, so users can’t type in sensitive data.
- Crypto-jacking
When cryptocurrencies were in full bloom, bad actors were infecting computers with crypto-mining software and harvesting computing power to mine currencies for themselves. These miners would run 24/7, resulting in high electricity bills and lower capacity for legitimate processing. There are many scammers out there looking to take advantage of new investors in bitcoins and other types of cryptocurrencies, just as many different types of crypto software might target these new investors. Luckily, there are bitcoin profit scam reviews that might be able to let investors know if the software they are interested in is a scam or legit.
However, with RBI, crypto-jacking doesn’t work because browser tabs are destroyed quickly after user interactions cease. Crypto-miners can’t persist on your computer as the containers are only active as long as users are active in the browser tab. This is another remarkable win for RBI.
- Cross-site scripting
Cross-site scripting attacks occur when users browse different sites by adding tabs while using the same browser. When users enter their credentials on one site, an infected site in another tab can pick them up. Chrome and other browsers address this issue by isolating tabs from each other. However, the entire browser still sits on the end-user computer.
So, while this type of isolation protects information from tab to tab, it does not generally cover the end-users – or organization’s- information from malware attacks. Tab isolation is a step in the evolution of remote browser isolation but is only a partial solution since it merely provides isolation between sites browsed on the local endpoint. It is far from a complete solution to browser-borne threats.
Introduction to Ericom Browser Isolation with Ericom Shield
The concept of securing browsing through isolation is not new. Solutions have been on the market in one form or the other for quite some time. However, none of these solutions fully secure the end user’s browsing session from internet-borne threats. Browsing companies offer security features such as Adblockers and local tab isolation that can help, but only to a certain degree. Many purported secure browsing solutions are local isolation techniques that provide limited protection since they allow site content onto the endpoint, albeit in isolated segments, containers, or virtual machines.
Ericom Shield: Revolutionizing browser isolation
The incarnation of Ericom’s remote browser isolation technology occurred over three years ago with a “double browser” solution. This solution isolated the browser from the end-user device by allowing users to establish a remote session with an application that happened to be a remote browser. While other solutions in the marketplace talked about remote browser isolation, most are not remote from the endpoint — perhaps the most critical factor. Ericom has taken this to the next level of protection with the Ericom Shield Remote Browser Isolation (RBI) solution.
- Other ways to perform remote browser isolation
Currently, some available solutions isolate tabs from each other or isolate complete browsers within local machines. But these solutions do not isolate web content from the end-user device or the network it connects to. As a result, they are only halfway to protecting their users from browser-borne threats.
Local isolation solution concepts entail running a virtual machine (VM) on the endpoint device to create a safe zone within the computer. Other solutions create a compartment within the hard drive, hoping to provide good-enough isolation, but unfortunately, it does not. For an effective security posture, you want to ensure that threats stay as far from your internal network and end-user devices.
In reality, these solutions decrease the security posture, so there is a big push for remote browser isolation (RBI). Some solutions require users to install software or even hardware on their devices. This is old-fashioned thinking, labor/management intensive, and unfeasible for distributed organizations. Other solutions limit users to their proprietary browsers – a significant inconvenience for users.
Everyone knows that within every organization, there are a variety of devices. A solution that does not work with all different devices adds complexity, which is the number one enemy of security.
- The power of genuinely remote isolation
With Ericom Browser Isolation in place, someone else handles the heavy lifting job to ensure security. Users enjoy an average browsing experience, although browsing doesn’t occur on the user’s endpoint device. The robust architecture reduces the possibility of attack via the end-point to an absolute minimum. The power of RBI is that it stops everything — known and unknown threats. Defenders can worry less about the latest as-yet-unknown attack vector. A practical solution isolates potential danger as far away from the end-user.
RBI is a holistic solution that does not identify something and only then stops it. Instead, it simply stops everything (while still allowing users to interact naturally with websites). Nothing on the internet touches the end-user device. Hence, the cat-and-mouse game of detection-based solutions, in which solution providers are always playing catch-up, no longer applies.
The future
Cyber threats will only continue to grow and become more destructive as cyber criminality escalates around the globe. Nowadays, with many widely available hacking services, such as phishing-as-a-service, it’s easy to become a hacker.
2017 was about ransomware, 2018 was about crypto-jacking, and now in 2019, it’s phishing. No one knows what is coming next, so we need a solution that doesn’t have to play catch-up like most solutions. Firewalling and anti-virus software block threats that already exist. They restrict attacks that have occurred in the past or resemble past episodes. Therefore, many threats arise de novo cannot be corked with legacy security systems. There is always a window where solutions must catch up, or it could be fatal for security.
Ericom Browser Isolation seamlessly adds another layer of security to existing solutions and complements them. This new layer stops everything that is not verified – which is to say, everything from the internet — which is why it’s an ideal fit for the zero-trust approach.
- DMVPN - May 20, 2023
- Computer Networking: Building a Strong Foundation for Success - April 7, 2023
- eBOOK – SASE Capabilities - April 6, 2023