In the wake of recent ransomware attacks, such as WannaCry and BadRabbit, and IT environment security is priority number one for the enterprise. IT administrators are taking a closer look at all aspects of their environment to spot potential vulnerabilities. One such vector of attack is the browser, which people are starting to realize is one of the most insecure elements of their IT environment.
In a report released by Gartner in September of 2016, analysts identified that “almost all successful attacks originate from the public internet, and browser-based attacks are the leading source of attacks on users.” They also found that preventative measures only go so far as attackers are bypassing controls such as signature-based malware scanning and firewalls. However, there is good news! Damage from these attacks can be mitigated by leveraging a browser in the cloud. A browser in the cloud not only blocks malicious code, but even can act as a block for mass surveillance.
A browser in the cloud is a relatively simple, yet effective, idea. By opening a browser from a cloud instance, connections are secured from potential threats as all code is executed from within the cloud instance. The only thing delivered to the user client device is pixels.
In terms of user access, the common recommendation is to access the cloud browser via an HTML5 viewer, as it avoids the need to install a local agent or application. Options for HTML5 viewers include Apache Guacamole or the Leostream HTML5 viewer. Another advantage to an HTML5 viewer is user access from a wider variety of client devices, including mobile devices such as tablets and smartphones. Browser OS devices such as Chromebooks are another option, and moreover, are arguably one of the most secure client devices
Increasingly, we see companies specializing in IT security offering their own version of a browser in the Cloud. The leader in the space is Authentic8 Silo, a standalone, disposable browser, accessed via a traditional browser. It requires the user to enter a password upon launch thereby leaving enterprise policy roles intact. This can allow or restrict key browser functionality while also calling up a list of previously entered links and stored password, mimicking a more traditional browser user experience.
Another option is Maxthon 5 Cloud Browser, which targets power users with features such as GPU-acceleration, built-in memory management, flash, and native HTML5 support. Android even has a mobile browser in the cloud option right in their Google Play Store.
As cloud VMs are increasingly accepted as secure options for keeping user data off client devices, browsers in the cloud seem like the obvious progression Gartner predicts by 2021, 20% of enterprises will adopt a remote browser solution, and 50% of enterprises will activity isolate internet browsing activities. Adoption rates continue to grow and browsers in the cloud will likely become standard practice in enterprise IT security.