Browser isolation as an enterprise security control

Abstract

Browser isolation is a category of security control that allows users of sensitive endpoint devices to access potentially risky web content without putting their devices at risk of compromise by malware. A key use case is to provide web access from the privileged access workstations that should be used by those with elevated system privileges such as systems administrators. If endpoints for such users are compromised, then the attacker may gain the ‘keys to the kingdom’, making the risk of direct access to unknown and untrusted websites too high. Browser isolation, however, may also be used as a control to protect endpoints for broader classes of users to prevent attacks such as phishing e-mails containing malicious uniform resource locators (URLs). In order to form a useful control, browser isolation must deliver a significant ‘step up’ in security compared to the extensive web security already typically deployed within the enterprise, both in third-party security products such as proxies and endpoint agents, and within existing browser software such as Google Chrome. The Browser Isolation security model depends critically on the data transfer format between an untrusted component responsible for processing risky web content and a trusted component responsible for transmitting information to the user’s endpoint. The gold standard in this area is a technique known as ‘pixel pushing’, whereby risky web content is transformed into raw pixels. Beyond today’s implementations, browser isolation may likely play a broader role in future, in keeping with the role that equivalent technologies already play within the military and intelligence sectors, as referenced by a recent White House memorandum.