The internet has become an indispensable part of daily work, enabling greater flexibility, productivity, and communication. However, connecting to the internet introduces new challenges, particularly in terms of security. With cyber threats evolving constantly, organizations face the daunting task of protecting their users and network from a multitude of risks, including phishing websites, malware downloads, and access to sites that violate acceptable use policies.
To combat these threats effectively, many organizations implement cloud-based secure web gateways (SWG) as a key component in a security service edge (SSE) solution. By directing all user web requests through a SWG, web access policies can be enforced and malicious sites can be blocked based on a set of predefined URL categories. SWG solutions use a frequently updated category database to accurately identify web content and site risk, but this database isn’t all-knowing. This blog covers the additional capabilities organizations need to stay protected against internet-based threats.
The internet is full of “unknown unknowns”
The internet is a vast and seemingly infinite place. On average there are as many as 252,000 new websites and 33,000 new domain names registered every day. Categorizing and blocking all potentially harmful sites in real-time is nearly impossible, and attackers only need a few minutes to stand up a new site and launch an attack.
So what happens when a site is new or not categorized? The simplest solution to this problem is to implement a policy through SWG that blocks all users from accessing new or uncategorized sites. But this can create end-user frustration and hinder workplace productivity if access is needed for employees to effectively get their jobs done. Fortunately, there is another option beyond just allowing or denying access to risky web resources: remote browser isolation (RBI).
Get full web access without the risk
RBI acts as a safeguard against uncategorized and potentially dangerous websites by executing web content in a remote environment, isolating it from the endpoint and network. Uncategorized sites are loaded in an isolated browser, streaming a safe version to the user's device without the original code, ensuring both security and productivity are maintained.
This approach ensures that even if a user accesses a malicious site, the threat is contained within the isolated environment, protecting the user's device and the network from harm and minimizing the risk of critical data exfiltration.
These are some of the important capabilities you can expect from RBI:
- Directs weblinks deemed untrusted or unknown into an isolated environment for secure viewing
- Prevents data loss on the internet and zero-day threats by restricting actions like copy/paste and uploading/downloading files
- Deletes a user’s browsing session when it ends to eliminate malicious cookies or downloads
- Provides end users with a seamless and transparent experience
Lookout Secure Internet Access with RBI provides holistic internet security
Lookout Secure Internet Access is a cloud-delivered, next-gen SWG that protects users, underlying networks, and corporate data from internet-based threats while also preventing data leakage. For unknown and uncategorized sites, organizations typically have only two options to secure internet access to these sites: allow or deny. Lookout Secure Internet Access with RBI provides a third option, enabling internet security that goes beyond “allow/deny” to grant secure access to untrusted web resources.
This adds an additional layer of protection against zero-day threats, malware downloads, and other browser vulnerabilities. Users, devices, and underlying networks remain secure while employees retain the freedom to collaborate, share information, and access web resources in order to be productive.
"There's a real desire to escape the block-or-allow trap," says Ramesh Rajagopal, CEO and co-founder of Authentic8, creators of the Silo Web Isolation Platform. "It hurts productivity if screwed too tight and compromises security if set too loose. We are happy to collaborate with Lookout to give security teams a cloud-native and flexible security model to break free of that binary decision, and do something that makes sense for unknown or untrusted website access."
Book a personalized, no-pressure demo today to learn:
Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.
Modernizing IT: Why It’s Time to Replace Your Legacy Secure Web Gateway
Adapt to hybrid work and evolving threats: Upgrading to a cloud-based Secure Web Gateway is crucial for safeguarding data, devices, and employees everywhere. Learn more today in our free E-Book.