Why Choose Native Browser Isolation?

By Rick Deacon on November 7, 2019

Remote VS Browser Isolation, simplified.

Current browsing security is not enough.

Fast moving and tech forward organizations do not trust their current security tools to protect them from modern cyber attacks like phishing or malvertising. For many companies, web based attacks are common, so they use browser isolation to shut down the most common infiltration point on their networks: the browser. They want to supplement the efforts of their web gateways by isolating malicious websites that cannot be categorized by their threat analysis tools. One of the ways is through native browser isolation.

Native browser isolation stems from traditional browser isolation, which involves virtualization, or ‘creating a “remote virtual browser” by streaming all browsing activity to endpoint machines’. Unlike remote browser isolation, native browser isolation relies on technology that is already built into major browsers like Chrome or Firefox to deliver a sandboxed, safe environment. Specifically, it employs CSP headers to make malicious pages “read-only” at point of click.

So why are companies using native browser isolation?
Here’s native browser isolation’s four major use cases.

Cleaner, Faster, Safer Internet

Various security mechanisms break or slow down pages and interrupt the users’ experience. For example, VPNs slow or break down outside of the perimeter, and SSL inspection with a proxy slows down pages. Even worse, user devices can be infected with unsightly ads, even if they are served through legitimate sites. Apozy’s native browser isolation does not slow-down or break pages; it works anywhere there is an internet connection and ‘sees behind’ SSL without the use of proxies. Apozy uses cosmetic ad blocking to prevent those dangerous client-side attacks and blocks full URLs — not just domains. The result is a cleaner, faster, and safer browsing experience.

Chrome Extension Management

With over 5 billion people using Chrome, the browser has captured over 67% of market share as of 2019. That means organizations looking to take their cloud technology to the next level are using G Suite and Chrome for business. As the number of companies using Google’s services increases, people utilize Chrome’s extension framework to their advantage by installing add-ons that make their life easier. The problem with this increase is that 85% of Chrome extensions have no privacy policy. Your corporate and private data are being sent off to a mystery cloud and you have no idea what the extension creator does with it. In order to stay on top of extensions that steal data, install dangerous software, or break compliance, it is important to know what extensions are running in the first place. Because native browser isolation technology exists in the browser, companies are able to audit extensions across their entire organization.

Detect Suspicious Behavior Without Breaking SSL

Phishing attacks almost always occur on sites utilizing SSL, meaning web request data is encrypted and “hidden” from network tools. In order to understand these attacks, companies need visibility into them. SSL Inspection weakens their security posture, and much of inspection software is poorly executed compared to the browser. Using remote browser isolation for SSL inspection provides limited data, and user correlation is difficult. Using software with native browser isolation eliminates the need to break SSL while giving access to full URLs and requests; this allows companies to discover anomalous behavior faster without compromising security.

Increased Chromebook Security

The Chromebook’s only vulnerability is social engineering, such as browser-based attacks or malicious Chrome extensions. Apozy’s isolation model stops these attacks through adblock, extension management, and sandboxing pages in real time. This fits well into the security stack of Chromebooks, adding deep and precise protection.

Companies choose native browser isolation to create a more secure browsing experience and protect their business. Native browser isolation scales from 2 employees to 200,000 and protects everyone from browser-based attacks in a simpler and more cost effective way than remote isolation. At the same time, it improves user experience and provides critical SSL and extension data that is normally inaccessible.

Like our content and want to learn more? Follow @apozy on Twitter!

Author picture

by Rick Deacon

About Apozy

Founded in April of 2014 in San Francisco, we are a venture-backed motley crew of passionate hackers building cybersecurity technologies to make the world's information faster, cleaner and safer to access.