It takes “browser isolation” with website threats
Few desks and mobile applications are used as much as web browsers, however, browsers present a wide range of security exposures, regardless. Large organizations have relied on services called “browser isolation” to address this risk over the years, but these tools tend to be slow and clumsy. As a result, many companies require only the most sensitive jobs; otherwise, employees would look for solutions. On Tuesday, the Internet infrastructure company Cloudflare is releasing its version – a service called Browser Isolation – which the company says is faster and sometimes faster than unprotected browsing.
Browsers, by definition, are open doors. Their job is to collect data and send information from web servers. This means, however, that in addition to being good and good data on the web, users end up downloading malware or malicious attachments through the browser. In addition, hackers can find vulnerabilities in the browser’s own code and use them to attack targets.
“Browsers are nightmares for key information security officials,” says Matthew Prince, CEO of Cloudflare. “By default, every time it runs, the browser completely downloads the foreign code and runs it on the device. Browsers do a good job in the sandbox and controlling the risk in it, but almost every week you see a kind of vulnerability in one of the major browsers that allows people to potentially get out of that sandbox. “
Browser isolation services like Cloudflare, which have been in beta testing from October, protect computers in a browser-controlled container away from your other services and data. This way, any shadow code that tries to inadvertently run your browser may not be running on your computer and can be dialed. This process, however, takes time: time to remotely load pages, somehow transmit them to your computer, and then deal with all the interactions involved in web browsing, such as entering login credentials for a site or simple user logins, such as clicking and scrolling. . It presents all the possibilities of delay, which is why many browser isolation services are very slow and demanding.
Cloudflare’s service is part of a new generation of cloud services that want to be more useful by smoothing everything back and forth. In January 2020, the company acquired a small company, S2 Systems, which Prince says had a different approach than most tools. Many services have tackled the problem by loading a page into an isolated environment and then sending information about the site’s components, or even each color per pixel, to a user’s computer. The S2 approach touches the drawing commands that a browser sends to the computer’s GPU in the normal browsing state. These capture the pages as they load into their cloud container and then send them to the user’s computer so that the processor can basically draw a recording that looks like a web page.
The idea is to see the projection of your navigation in real time. With a strong commitment to web security, competitors have also felt the need to improve browser isolation in order to make the tools more attractive and ultimately ubiquitous.
“Despite high security spending, many organizations are struggling with web browser-related security incidents,” says Matt Ashburn, a former CIA official and director of the National Security Council, who now leads the company’s strategic initiatives to isolate the Authentic8 browser. “As long as a two-way connection is supported from the computer to the Internet, advanced opponents and criminals will find a way to continue to be successful.”
As with others security initiativesHowever, Cloudflare has a scale for rapid promotion new offers with a massive customer base. Browser Isolation will be a simple add-on for existing Cloudflare for Teams services.