Remote browser isolation is a technology also referred to as web isolation or simply browser isolation. Remote browser isolation is an advanced cybersecurity technique that provides an additional layer of protection for users and organizations.
Browser isolation separates browsing activity from endpoint hardware, thereby reducing the device’s attack surface. When a user accesses a web page or app, it is loaded onto a remote browser that serves a rendering of the webpage to the user. The page operates normally, but only pixels are delivered to the user. There is no active content downloaded, so malicious code that may be hidden is kept at bay.
Remote browser isolation, or web isolation, enables safe access to web content by separating a user, and their local network and infrastructure, from the actual web applications and browsing activity. By creating a “browser sandbox” between the user and potentially risky web content, organization can confidently stop attacks from advanced threats and protect sensitive data as well as employees.
How it Works ?
- A user tries to access a potentially malicious webpage
- The request is evaluated against defined policies; if there is a match, the platform creates an isolated browser session
- The platform connects to the webpage and loads the content onto the remote isolated browser
- Rendered web content is streamed to the end user’s native browser as pixels over a HTML5 canvas
Benifits of Browser Isolation
- Protection From Malicious Websites: Because no local code execution happens on the user’s computer, users are protected from all malicious websites.
- Protection From Malicious Links: Since URLs are automatically opened in the isolated web browser, whether they’re in webpages, emails, documents, Skype, etc., users are protected regardless of the source.
- Protection From Malicious Emails: With Web Isolation, all web-based emails are rendered harmlessly in the remote server, and links in email clients are automatically opened in the remote server as well.
- Protection From Malicious Downloads: Administrators can finely control which files users are permitted to download, and all permitted downloads are first scanned to eliminate threats.
- Protection From Malicious Ads: Ads and trackers are automatically blocked. If any ads are displayed, they’re rendered remotely – protecting the user from malicious content.
- Anonymous Browsing: Advanced anonymous browsing capabilities mask users’ true identities.
- Data Loss Prevention: Built-in DLP capabilities protect corporate data from being accidentally or intentionally exfiltrated. These capabilities allow an administrator to restrict the files a user can upload to the internet.
- User Behavior Analytics: Organizations can obtain analytics into users’ web activities, which can be used for compliance monitoring, and to detect insider threats and unproductive employees.
- Reduced Number of Security Alerts: Isolating all web content on a remote server results in fewer security alerts and false positives that need to be investigated.
- Eliminates the Cost of Web-Based Malware: The effects of a malware infection can be severe and require a substantial amount of money and time to fix. Isolated browsing protects your network completely from web-based malware.