Most companies cannot survive without an internet or cloud connection. Websites and cloud services enable employees to communicate, collaborate, search, organize, archive, create and be productive.
But digital communication is also a threat. External attacks on cloud accounts increased by 630% in 2019. Extortion and phishing continue to be a major concern for IT security teams, and as users and resources migrate beyond traditional network security, it becomes increasingly difficult to protect users from clicking on a link or opening a malicious file.
This issue has increased the tension between the two IT mandates by providing transparent access to the required services while preventing attacks and blocking access to malicious websites. Automation is essential to ensure that modern security channels block approximately 99.5% of malicious and suspicious activity by filtering known malicious files and websites and using advanced malware and behavior analysis tools.
Safety is a lot of work
However, the remaining half of 1% still represents a significant number of sites and potential threats that need time to sort for a team of security analysts. As a result, IT managers are faced with the problem of developing a balanced security policy. Many companies block unknown traffic by default, but excessive blocking of websites and content can hamper user productivity by causing a spike in helpdesk ticket sales when users try to access legitimate websites that have not yet been ranked. On the other hand, web-based policies that offer too easy access greatly increase the risk of serious and threatening security incidents.
Organizations focused on digital transformation, accelerated by changes in work habits and locations during a pandemic, need flexible and transparent security controls that allow users to securely access critical web and cloud resources without overburdening security teams with ongoing help desk calls, policy changes, and manual screenings. External browser isolation – if properly implemented – can help to achieve this goal.
While security solutions using URL categorization, domain reputation, anti-virus and sandboxing can stop 99.5% of threats, Remote Browser Isolation (RBI) can handle the remaining unknown events instead of the usual strategy of hard blocking or allowing everything. RBI allows you to deliver and display web content in a secure environment while the analysis is performed in the background. Using the RBI, any request to an unknown site or URL that remains suspicious after passing through the Deep Web Protection pipeline will be sent remotely, so that in case of malicious content there is no impact on the user’s system.
Dependence on RBI
Isolating the remote browser prevents malicious code from being launched on an employee’s system simply because he or she clicked on a link. This technology will also prevent the use of unsecured cookies when accessing secure services and websites. This protection is especially important in the age of ransom, where a random click on a malicious link can cause significant damage to a company’s digital assets.
Given the benefits of remotely isolating the browser, some companies have implemented technologies to display individual websites. While this can be very effective in reducing security risks, isolating all web and cloud traffic requires significant computing resources and is prohibitively expensive in terms of licensing.
By integrating RBI technology directly into our MVISION Unified Cloud Edge (UCE) solution, McAfee integrates RBI into an existing sorting pipeline. This means that the rest of the threat protection stack – including Global Threat Analysis, Anti-Malware, Reputation Analysis and Sandbox Emulation – can filter out most threats, while only one in 200 requests needs to be handled by RBI. This significantly reduces overhead costs. McAfee UCE simplifies this approach: Instead of positioning external browser isolation as an expensive and complex add-on service, it is included in every MVISION UCE license.
Comprehensive protection of high-risk persons
However, there are certain people in the company, such as the CEO or the finance department, with whom you cannot take risks. These privileged users can also benefit from complete isolation from potential Internet threats. This approach enables full virtual segmentation of the user’s system from the Internet and protects him or her from potential threats, allowing the user to use the Internet and the cloud freely and productively.
The McAfee approach reduces the risk of users being compromised or inadvertently bailed out through phishing campaigns, attacks that can have significant costs and affect business performance. At the same time, companies benefit from a workforce that has free access to the web and the cloud resources they need to be productive, while relieving IT staff of strict web policies and constant customer service tickets.
Would you like to know more? Watch our RBI demonstration.
x3Cimg height=1 width=1 style=display:no src=https://www.facebook.com/tr?id=766537420057144&ev=PageView&noscript=1 />x3C/noscript>’) ;