Secure Web Surfing
Web isolation protects users–and you
Can you protect end users from malware and phishing threats without overly restricting their access to the internet? Web isolation may be the solution to secure all browsing activity and give you and your security team peace of mind–without disrupting user activity.
With successful cyber attacks on the rise, most organizations do their best to educate their end users about how to identify suspicious links, files or phishing emails. But training alone doesn’t seem to be enough, with 74% of successful breaches involving the human element.
The problem isn’t limited to human error. As website and browser software grow more complex, it becomes harder to ensure a secure browsing experience. Malicious actors continue to find new ways to exploit browser vulnerabilities.
Patching your browser is a good practice, but this is far from bulletproof and is a heavy lift for a large enterprise with thousands of users. Through 2023, Google disclosed eight different zero-day high-impact vulnerabilities that were exploited in the wild. In other words, attackers were able to execute successful attacks even on up-to-date browsers.
How web isolation helps
Symantec Web Isolation, a Remote Browser Isolation (RBI) solution, mitigates the risks associated with web browsing. Web isolation executes web sessions in a disposable cloud container. The endpoint receives a safe rendering of the page created by the web isolation service. Yet it preserves the original website’s behavior and experience.
RBI solutions are evaluated based on two fundamentals:
- Ensuring that no original code of the destination server reaches the end user’s device.
- Providing a seamless experience for end users who access isolated websites.
Security should not result in a bad user experience. On the contrary, the right RBI solution should reduce the friction between maintaining security and delivering a positive user experience and expected functionality.
Explore these web isolation use cases
A look at two use cases illustrates how web isolation adds value.
Use Case 1: Password-protected archive files. Standard Secure Web Gateway (SWG) solutions are unable to scan such archive files or enforce policy on the files within the archive. Given this blindspot and potential for exploitation, most organizations would choose to block such transactions; they simply deny access. But what about end users who actually need to download these files from legitimate destinations to complete their tasks? Left with no access, frustrated users may look for workarounds.
Web isolation solves this problem by prompting the end user to provide the archive password. This ensures that files within the archive are being scanned, and the administrator’s policy is enforced on every file in the archive. This can be done in web isolation because it’s part of the browsing logic and process vs. standard SWG solutions which can only inspect the transactions.
Use Case 2: Document isolation. Here, users view documents remotely, mitigating the risk of downloading and running complex documents on the device that might introduce malicious code at the endpoint. Users can view and interact with the document’s content as an isolated page–all without downloading to the device.
This is enormously useful when viewing files like PDF and Microsoft Office Suite (Word, Excel, etc) documents–both of which are favorite attack vectors for malicious actors. These common file types can be tempting to download but can also be filled with options and features that allow the attackers to find and exploit vulnerabilities or simply run additional code. In a phishing attack, a PDF is much more likely to be clicked on by an end-user than an .exe file or a script file.
Even tech-savvy organizations fall victim to such tactics, as demonstrated by a famous YouTube channel highlighting how their organization was breached due to a seemingly harmless PDF attachment, which was actually a RedLine Stealer Malware. This malware, available for a mere $100 subscription on the dark web, specializes in stealing browser credentials and sensitive information. Once the “PDF file” was executed, all the browser’s cookies were stolen, and access to the YouTube channel was obtained - bypassing the MFA enforced on the account.
How to get started
Symantec Web Isolation is an integral part of Symantec Security Service Edge (SSE) solution. It complements the powerful SWG component by solving many of the challenges companies face when trying to implement and adopt more security measures.
Wondering where to begin? Start by implementing Symantec Web Isolation with a simplified use case by isolating High-Risk traffic. Then adopt more custom use cases that can solve your organization’s company’s security challenges as you get more familiar with the solution and its capabilities.
When should you isolate traffic? Let risk levels be your guide. Watch this on-demand webinar to learn more.
We encourage you to share your thoughts on your favorite social platform.