Not all isolation technology is created equal
The way we work is drastically different today than it was 20 years ago. Heck, it’s drastically different than it was just two years ago. Business today is largely conducted on the Internet through Software as a Service (SaaS) platforms, web apps, and email. Users have moved out of the data center to branch locations, home offices, and the dining room table. And modern applications have been deconstructed into thousands of microservices that can be spun up across multi-cloud environments around the world. Now, more than two decades since on demand became a marketing buzzword, we’ve actually created a world where business tools can be delivered, accessed, and shared anywhere and anytime users expect.
The impact of this newfound business agility is that threat surfaces have greatly expanded and the web browser has become the most critical business tool in the modern worker’s arsenal. Threat actors have taken notice, using malware and ransomware to infect endpoint devices and gain a critical foothold on the network where they can lie in wait, search for valuable targets, and strike when security professionals are least expecting.
Many organizations are adopting Zero Trust security strategies based on the assumption that all content — regardless of whether it originates from a company device or user — is untrustworthy. This forces websites, web apps, SaaS platforms, and even email content to be treated as if they are malicious and forces them to continually gain and maintain trust throughout every engagement.
Isolation is the key technology that enables Zero Trust — preventing threat actors from even accessing end devices, much less infecting them. Isolation works by creating a protective layer around users as they navigate the web, effectively creating a virtual air gap between the Internet and enterprise networks. By coupling this with a Zero Trust approach, both known and unknown potentially malicious activity is blocked, ensuring that attackers never gain a foothold and, therefore, malware and ransomware have no avenue for reaching endpoints.
But not all isolation is created equal. Many security vendors claim to use isolation to protect end users from malicious activity on the Internet, but most solutions’ scope, scale, and architecture fall short of providing true 100 percent protection. Organizations looking to enable their Zero Trust approach through isolation need a solution that isn’t disruptive, scales globally, and actually works all of the time.
Without further ado, here are five things to consider when looking for an isolation solution. The best solution:
1. Protects users, no matter how they’re working.
The nine-to-five workday is a thing of the past. Today’s work is done anytime, anywhere, on any device. Isolating just one browser or type of device creates critical security gaps that can be exploited by threat actors. Your isolation technology needs to protect users on any web browser or device – including mobile – to ensure 100 percent protection.
2. Preserves the user experience.
Isolation also can’t disrupt existing workflows or cause so much pain that users find a way around security controls. This means preserving the native user experience — including copy, paste, print, and pinch-to-zoom controls — and maintaining expected performance. If web browsing or app performance slows, users will get frustrated and find workarounds to maintain productivity — and that’s not good for anyone. Isolation should protect users without them even knowing it’s there.
3. Protects the anywhere, anytime workforce.
Security protection shouldn’t expire when users leave the office. Nor should users suffer performance lag when they travel. Isolation should be delivered through the cloud with elastic scale; in other words, without limiting scope or location. This means that all traffic — not just critical apps — should be isolated, leaving no security gaps regardless of where or how business is conducted.
4. Supports a Zero Trust strategy.
Isolation solutions must support Zero Trust initiatives with no exceptions. Zero Trust means never trusting content on the web or in SaaS platforms. What might have been secured and trusted yesterday could easily become malicious today. This support can be done through flexible policy management, allowing certain content or users to be isolated or rendered in read-only mode.
5. Serves as the foundation of your security stack.
Isolation is not a feature. It’s not an add-on. It’s not a nice-to-have thing. Isolation should be baked into every aspect of your security stack — from your Secure Web Gateway and Data Loss Prevention tools, to Cloud Access Security Brokers and Remote Browser Isolation solutions. Applying isolation only to web traffic, uncategorized websites, or critical applications is not transformative. It’s just a bump in the road that a threat actor will eventually be able to evade. If you’re going to implement isolation, you need to go all in and protect all traffic and all users while maintaining control over exceptions.
Isolation is a transformative technology that delivers 100 percent protection from malware, ransomware, and other threats wherever you do business — but don’t be fooled by imposters. If your isolation solution doesn’t fully enable your Zero Trust approach, preserve the native user experience, scale globally, and provide 100 percent protection, you’re playing with fire. Threat actors will still find a way into your network and cause disruption.
Discover how other organizations are approaching their Zero Trust initiatives and the challenges they face in this new ebook by analyst firm ESG.
The post Not all isolation technology is created equal appeared first on Menlo Security.