Why Remote Browser Isolation (RBI), Why Now?
This post was originally published on Ericom's blog here.
Written by Dr. Chase Cunningham, Ericom
Remote Browser Isolation, aka RBI, was more of a “fringe” technology when it first came on the scene. I wrote about RBI a few years ago while working as an analyst. At that time, it was noted as something that was interesting, innovative, and a potential future solution that would be key to extending the defensive edge of an organization. The concept is a powerful one – by moving web browsing sessions off the endpoint, and instead isolating them in remote network (or cloud) containers, RBI would protect devices from all bad things on the web. Early versions of the technology had some rough edges as far as performance and user experience, but that was years ago—an eon in cybersecurity terms. Jumping forward to today, security teams have discovered that innovation and hard work have delivered a new class of RBI product that is ready for prime time.
How does RBI fit strategically into the future state of an organization’s security?
In the last 18 months RBI, in varying forms, has been announced as a product offering from a variety of organizations that have lengthy histories as cybersecurity solutions providers. But why is RBI suddenly a “thing”? Why have some of the largest and longest serving security providers on the planet started offering this? How does RBI fit strategically into the future state of an organization’s security?
RBI extends the defensive plane all the way out to the internet.
The answer isn't that complicated. RBI helps to deliver on the threat prevention promise that legacy anti-virus and anti-malware products attempted to provide decades ago. And RBI fits into the strategy of an organization because it extends the defensive plane all the way out to the internet. By using containers and the cloud as part of that extended defensive edge and by functioning as the interface that a user would leverage to operate in the most threatened space there is, the internet, an organization’s security strategy is effectively optimized. A good RBI solution does not negatively impact the user experience, but it does eliminate and negate the most prolific of attack vectors where they operate, the web. It’s basically that simple, and that’s why RBI is now becoming popular.
Where are attacks most likely to occur? The web.
Think about things in this way for a second. If you accept that 1) statistically, numerically, historically speaking, data indicates your users will be your most likely avenue for exploitation; and 2) your users are most likely to be compromised by either a phishing link, credential harvesting, or drive-by download malware, then where are attacks most likely to occur? The web, end of story. Therefore, if you can leverage a solution that sits between the users and limits their interactivity with negative content and the nefarious techniques that hackers employ, you can finally tip the scales of efficacy in the never-ending daily battle we face in cyberspace.
Ultimately, this is the final way that you should think about RBI: it is a reality that we operate in a combat environment in cyberspace. If you were looking out across a vast expanse of a combat environment, would it make more sense to try and fight the enemy hand to hand, sticks and fists once they had penetrated en masse within your carefully constructed base perimeter? RBI moves the engagement zone outside of your territory and keeps your home front safe. Fighting inside your own environment once it has been breached, that is what legacy anti-virus type solutions get you.
Keep the engagement as far from your base defenses as possible.
RBI, as well as other Zero Trust security controls, are designed to keep the engagement as far from your base defenses as possible. By preventing the enemy from gaining a viable beachhead from which they can move laterally and spread you, in essence, take the high ground and dominate the battlespace.
So, I’ll put it to you - which approach makes more sense?
Engage the enemy on your terms, with you in the power position, or continue to try and “stay ahead of the threat” with legacy anti-virus/anti-malware scanning solutions that we have 30 plus years of proof don’t help you win? Or use technologies that help you take back the initiative from your adversaries?
These are the reasons why RBI, and why now.To learn more about RBI, check out this whitepaper that explains the technology in detail.