News of high-profile cyber attacks is now so common that people are becoming desensitized to the magnitude of the threat.

But while the general population might dismiss these news reports as “another day, another attack,” as an IT professional, you know how very serious the ramifications of these attacks can be for your business -- and your job. You must remain constantly ready to defend against cyber criminals’ ever-evolving methods -— and that means ensuring that your security defenses continue to evolve, too.

Even if you are exceptionally confident in your cyber-defenses (or in your organization’s unattractiveness as a target), the list of threats you must guard against is probably enough to rob you of some sleep. Just consider the following:

• Ransomware threats, which were all over the news is 2017, aren’t going away any time soon. In fact, the incidence of ransomware attacks is predicted to build to the point that pundits expect a company to be hit every 14 seconds by 2019.  
• Malvertising, a relatively recent threat which sees hackers go to such lengths as to set up fake advertising agencies, is booming. Cyber criminals have been bold and successful enough to plant adverts on the likes of The New York Times and Reuters using malvertising tactics, so this is clearly a huge threat.
• Zero day attacks continue to demonstrate that the “cat and mouse game” between hackers and IT security teams is still going on. One such example from 2018 is a zero-day exploit in Flash, that was just recently patched.     
• Phishing techniques continue to evolve, with one recent study suggesting that some phishing messages are convincing enough to lead nearly 100% of people to click through from them.

Throughout April 2018, reports of hacks and data breaches came in at a fast and furious pace, including a school district in Massachusetts being forced to pay a $10,000 Bitcoin ransom to unlock their systems. Another example was freelancing platform TaskRabbit being forced to take down its website and app as the result of a hack.   

Making the Enterprise Safer

There are many steps you can take to make networks safer and you most likely already have many in place in your organization. These include:

• Utilizing firewalls
• Installing antivirus protection
• Educating staff about security threats

However, since cyber criminals are continually evolving their methods, you too need to constantly consider what your business must do to stay one step ahead.

One thing all of the threats we discussed above — ransomware, phishing attacks, malvertising, and zero-day threats — have in common is that web browsers are always or often the vector via which they penetrate organizational systems. Unfortunately, much of everyday life and business takes place within a web browser, so keeping people away from the web simply isn’t an option.

Firewalls and antivirus products cannot reliably stop malware from finding its way in to organizational networks through websites and browsers. User education, likewise, will not lead to every employee carefully checking out every link, on every email or website, every time before clicking — not when some social engineering tactics are so convincing that they fool even experienced security professionals.

So how can organizations protect networks from the many threats that get in via web browsers? Remote browser isolation (RBI) can serve as a crucial addition to other endpoint protection tools that remain essential, but are insufficient, on their own, to keep networks safe.

What does Remote Browser Isolation Do?

Remote Browser Isolation allows you to keep web browsing away from the main network, while still giving staff full access to everything they need on the web, and without interrupting the user experience.

The actual browsing, however, takes place in a safe and separate environment, with the pages being rendered to the endpoint browser with no delay. Should anyone stumble upon any malware, its impact is restricted to the isolated container, which can be sanitized after every use. The means that the majority of infections never even get the chance to hit a user’s machine.

Other advantages of RBI include:

• Giving the IT team a single place to manage the browser environment in terms of updates and plugins, instead of requiring them to support multiple browsers on multiple endpoints.
• The ability to allow staff to use Flash and Java-based systems, without all the inherent risks of permitting this on individual computers.
• Download protection, by forcing any file downloaded via the browser through scanning and sanitization processes before it reaches the user, without impacting performance.  

Overall, RBI dramatically reduces the potential attack surface for hackers to exploit. This in turn eases the compliance burden, and could even result in lower cyber insurance costs.

Cyber criminals are always thinking of new ways to go after your company’s network and data. Thankfully, the cyber security industry is equally determined to find ways to stop them in their tracks.  

Ilan Paretsky is Chief Marketing Officer at Ericom Software