Protect your business, without hurting your business

Isolation technology is on the rise, thanks to the mother of all invention – necessity. Security experts are grasping for ways to protect their networks from the endless barrage of browser malware, and are finding the traditional methods ineffective. The state of the art in security technology – layering detection mechanisms and getting faster response times – is like having screen doors on submarines. Isolation is now becoming seen as the only way to keep malware off endpoints. And we need to do that.

It is just not possible to have security when you have malware residing and executing on your endpoint. Exposing endpoints to the risk of executing malicious code is exposing your business to immense risk. So many organizations are moving to isolation to ensure that the unstoppable deluge of malware is contained, but unfortunately, some have made the mistake of using virtual containers to isolate malware on the endpoints. This, in my humble opinion, is a ticking time bomb. I’ve always viewed endpoint security as impossible to do from within, that’s why our AirGap technology isolates malware outside your network and on a hardened appliance. Some forward-looking vendors are doing great work spreading the gospel about the power of isolation, but misleading people to place these protections on the endpoints. Malware can always sidestep protections in an OS by exploiting its software vulnerabilities. Even worse, hardware vulnerability has been proven by Google to exist in most endpoints which would render endpoint sandboxes completely ineffective.

And how long has this recently-reported hardware vulnerability existed in most computers? Possibly years. There’s evidence that manufacturers have known about this for a while and have been quietly trying to fix it (ineffectively, I might add) before anybody noticed. This sort of behavior, where vendors are too afraid to announce security vulnerabilities to the public, is creating a scenario where exploitable vulnerabilities can flourish undetected for a very long time. It’s going to require network isolation to protect us from this.

Branden Spikes

Branden Spikes – Technology Evangelist