Remote Browser Isolation (RBI) was first introduced a few years ago. In fact, as an industry analyst, I covered RBI, evaluating the technology as a security solution for businesses as they grappled with managing their distributed workforces. During that time, it was recognized as a security concept that was innovative, compelling, and a potential solution that could safeguard organizations from phishing attacks, ransomware, and other malware threats. RBI moves web browsing sessions off the endpoint and isolates them in remote network or cloud containers, thereby completely protecting all user devices from the myriad of threats traversing the internet today.
Early iterations of RBI technology had some kinks that needed to be worked out relative to user experience and performance. Fast forwarding to today, enterprise security teams evaluating the technology quickly realize that years of hard work and innovation by security vendors has led to a new category of RBI product that is more than ready for the spotlight.
During this past year, RBI has been announced as a product offering from several cybersecurity solutions providers. There are a variety of ways these solutions are delivered, and the truth is many of them are offered as a feature rather than a comprehensive RBI platform. This doesn’t mean that they are ineffective when it comes to extending security controls to the edge. However, they may be thin on functionality, thus offering very limited security protection.
So, why is RBI gaining traction all of a sudden? Why have some of the largest security providers in the industry started offering this type of solution, and how exactly does RBI fit strategically into the future state of an organization's security?
RBI is being increasingly adopted by organizations because, to put it quite simply, it just works. RBI delivers on the threat prevention promise that antiquated legacy anti-virus and anti-malware solutions aimed to provide years ago, and this is why RBI has become a top priority among IT executives. By using containers and the cloud as a component of their defensive strategy at the edge and by operating as the web interface that users leverage to perform activity in the most exposed space there is, the internet, an organization’s security strategy is fundamentally improved. A quality RBI solution does not negatively affect the user experience, but it does completely eliminate and neutralize even the most prolific attack vector, which is the web.
Statistically and historically speaking, data shows that the human factor of an organization always serves as the most likely avenue for exploitation. Additionally, the risk starts from within, as users are most likely to find themselves compromised by a phishing link, credential harvesting, or drive-by download malware. So, where are cyber-attacks most likely to originate? Users interacting with the internet.
If a security solution can be positioned between the users and the web and eliminate the potential of malicious content and nefarious techniques compromising devices and the networks they are attached to, your organization has made a huge step up in the ongoing daily battle we are confronted with in cyberspace.
If you were looking out across a broad stretch of a combat environment, would it make more sense to try and fight the enemy head-on once they had already infiltrated your well-constructed base perimeter or keep them from gaining access in the first place? RBI moves the engagement zone off of your endpoint and keeps your home front safe – that is where the value lies. Fighting within your own environment once it has already been penetrated is what legacy anti-virus solutions provide you with, and this has proven time and time again to be ineffective.
RBI is designed to keep all engagement as far from your endpoint as possible. By preventing the enemy from gaining a foothold in your organization from which they can move laterally within your network, RBI lets you take the high ground and gain control of the cyber battlefield.
Engage with the enemy on your terms while maintaining a position of power, or continue to try and actively stay ahead of threats with outdated legacy anti-virus and anti-malware scanning solutions that have proven for decades that they will not give you the advantage you need to win? Which option makes the most sense to you?
Chase Cunningham is responsible for Ericom Software's overall strategy and technology alignment.