As a result of the Coronavirus, many organizations are adopting social distancing techniques by shifting their workforce to work from home. This solution allows many organizations to remain operational to some extent, despite closing their physical presence. However, this gives rise to a variety of cybersecurity challenges.
Large IT corporations like Apple, Google, and Microsoft have allowed segments of their employees to work remotely to stop the spread of the disease, but the downside is that the internet is considered a hostile environment. Most deployed security solutions, like firewalls and Intrusion Detection and Prevention Systems (IDS/IDP), are set to protect IT systems from attacks that originated from cyberspace. But that isn't enough.
When employees begin to work remotely via the internet, this will increase the cyber threat attack surface. It happens because potential adversaries can now exploit the security vulnerabilities of an employee's endpoint computing devices (which aren't secure in comparison to company devices) to steal personal and business data, and gain an entry point to an organization's IT infrastructure.
In this article, we will study the cybersecurity risks associated with working from home, then we will discuss how browser isolation technology can help organizations reduce the cyber threat attack surface against their employees' endpoint devices when connecting to the organization’s network from their home machines, using the WEBGAP browser isolation solution as an example.
“Browser isolation is a shortcut to securing remote workers from the risks that working from home exposes them to. By securing their personal computers from browser-based cyberattacks, you can effectively protect them from cyber risks.” – Nihad Hassan, Cybersecurity Author at Apress
Cybersecurity risks when working from home.
Anyone who goes online will be subject to all kinds of cyber threats, nevertheless, employees working remotely should give special care for the following cyber threats:
- Unsecured Wi-Fi Connection - Home Wi-Fi should be secure enough if the router or the access point is configured properly. For those employees using public or shared Wi-Fi access points, a reliable VPN service should be used to secure their connection between their computer and corporate networks.
- Personal Devices Are Not Secure - Employees working remotely will typically use their personal computers or endpoint devices (laptops, tablets, or home workstations). These devices use different operating systems, applications, and security solutions e.g., antivirus software. The risk of having outdated applications and an unpatched OS increases dramatically on employee-owned devices, leaving them vulnerable to malware attacks that can result in them leaking personal and business confidential data.
- Phishing & Ransomware Attacks - Malicious email messages will become more effective as the emails are not passing through the corporate SPAM filter and firewall. Humans are still the weakest link in any cybersecurity defense plan, and an employee clicking a malicious link or opening an email attachment can compromise their computing device with malware and ransomware.
Countering Cybersecurity Risks Using Browser Isolation
Web browsers are our window to the world wide web, and most of a user’s online activities such as web surfing, reading emails, accessing the corporate intranet, in addition to personal activities like socializing and personal file sharing––are conducted via web browsers. This makes securing web browsing activities a top priority for employees working outside of their secure office networks and environments. As a result, browser isolation technology is the answer to neutralizing these web threats on employee-owned devices.
What Is Browser Isolation?
Browser Isolation is a relatively new cybersecurity model. It works by separating a user's internet browsing activities from their local device or an organization's internal IT infrastructure. This physical separation prevents browser-based attacks from penetrating a user's local machine and your organization's network.
The key concept which underpins the browser isolation model is, it allows a user to utilize a remote web browser hosted on a cloud server and directs all of its users' internet browsing activities into an isolated environment. By doing so, web threats that hit the remote browser will not affect the physical device of the user. In the case of WEBGAP, the remote cloud server will physically isolate all malware and other security exploits, which try to infect the end-user’s device while they work and surf around different websites online.
This is the preferred model to use by home workers to mitigate many risks associated with online works (phishing links and malicious files attached to email messages), and it does not require the installation of any software or special configuration on the endpoint device.
Benefits Of Browser Isolation
Browser isolation technology is gaining popularity as a reliable and easy-to-use prevention technique against browser-based cyber threats, including phishing emails, malware, and ransomware. We have seen a sharp increase in the number of browser isolation users as a result of the increased number of people working from home because of the Coronavirus outbreak. The following are the main benefits of implementing browser isolation technology to protect your remote workers’ endpoint devices:
- Fewer Web Threats - Most attacks targeting internal networks come from the internet, and they are most commonly introduced through your employees' web browsers. By isolating web browsing, organizations can lower web-based malware attacks up to 70%, according to a Gartner study published in 2018. In many instances, antivirus solutions are useless at preventing ransomware, and other malware types that infect endpoint devices. The damage can be even greater if the infected endpoint device was operating inside the organization’s internal network. Browser isolation technology can deter such attacks easily, and prevent the infection of end-user devices from spreading to other devices on the network. For example, with browser isolation, cyberattacks that target big enterprises such as ransomware and advanced persistent threats (APTs) can be effectively mitigated, as the malicious code will not execute on an end-user's device. Instead, it will run within the physically isolated environment of the remote browser.
- Save Admin Time & Increase Productivity - Access to the web is a practical requirement for any organization operating in today’s Information Age. To offer a secure work environment for their employees, organizations need to govern access to web content. They can achieve this via various technical solutions like routers and firewalls, but the hassle comes when they need to whitelist a website based on an individual request. A system administrator may need to update the list of whitelisted and blacklisted websites many times daily. Consequently, this increases network administration time and reduces productivity. By implementing browser isolation, no one will worry about the danger of accessing harmful sites, as the physically isolated environment of the remote browser will handle the risk without affecting endpoint devices.
- Stop phishing attacks - Phishing attacks are a huge concern for any organization; a malicious email can contain links to dangerous websites housing exploit kits or a harmful attachment such as a trojan, which may install malware or ransomware on an end-user’s device if clicked on by an unaware user. Browser isolation solves this problem by running the web email inside a sandbox, so if a user clicks on a malicious link or a malicious attachment, their machine will not get infected when the malicious payload executes.
Take a shortcut to remote worker security with browser isolation.
If you do not have centralized control over your home remote workers’ personal computers, it can be almost impossible to make sure that their apps are up to date, their operating system is upgraded and patched, or that they have security software installed to protect their machines. With so little control over your users’ computer environments, browser isolation is a great way to protect their machines at the browser level, and close the hatches on web-based cyber threats like malware and ransomware.
Post by a guest author