Remote Browser Isolation for Very Attacked People is the beginning, not an end

Have you explored remote browser isolation (RBI) and are willing to adopt it to protect your business from ransomware, credential theft, spyware, phishing attempts and malvertising? But just when you were going to make the buying decision, someone came and told you that RBI isn’t meant for company-wide deployments, and should be limited to select people whom we know as the Very Attacked People (VAP) – ones who are more likely to be attacked than others? Has this argument had you rethinking whether you should deploy RBI for all your workforce or save the cost by simply implementing it for VAPs?

RBI-for-VAP is a prudent start

It is true that adversaries are taking a finely-honed, highly strategic approach to target your people. So, organizations can start their RBI journey by implementing RBI for VAPs in the first stage as it will enable them to secure their critical assets handled by select people. This is a good starting point that will not only give organizations visibility about RBI and its core capabilities but empower them by protecting the main brass.

Moving up the ladder

But remember in today’s world, from CEO to doorman, everyone who’s got the internet access in the company is unknowingly or knowingly gullible to attacker tactics. 32% of businesses surveyed late last year identified cybersecurity breaches in their organizations, and all found that hackers took advantage of employees and posed significant risks to them.[i] The most common attacks reported by companies in the survey include phishing (80%), impersonation (28%) and viruses, spyware or malware (27%). Coaxing employees, regardless of their rank and position in the company, to click on spurious links works best for hackers. Once they have initial access, hackers move laterally across internal networks to the most valuable resources. Thus, hackers do not simply restrict themselves to a few targets for a very long time. When their tactics fall flat on VAPs, they swiftly change gears to target other employee groups. So, protecting VAPs with RBI is a temporary relief, not a pragmatic, long-term approach.

Graduate to the next level

Once VAPs are on-board for browser isolation, organizations should apply the knowledge and learnings gained from the first phase of implementation on other critical groups and departments, such as developers with access to intellectual property, the finance team with access to key financial metrics, IT admins with access to systems, and HR with critical employee information, etc. Phased approaches will be effective in isolating attacks and keeping cybercriminals off your network. Organizations can extend the browser isolation capability to the vulnerable groups on priority basis and to employees where a credential theft can be fatal.

Plan for firm-wide RBI implementation

RBI is a proven method to handle the 90% of successful endpoint compromises that involve the browser, including ransomware, spearphishing, malvertising, credential theft and social engineering.[ii] More so, RBI is more valuable during the pandemic times that forced organizations to embrace the work-from-anywhere culture. In this new normal, employees are working beyond the traditional perimeter on which the IT administrator has limited or no control. Work-from-anywhere has exposed organizations to cyber threats more than ever, at that same time as employees are more distracted from careful scrutiny of phishing links and fake websites as they juggle work, childcare, home schooling, self-quarantine, and more. It’s well evidenced by a dramatic increase of fivefold in the number of cyberattacks since the start of the COVID-19 pandemic as observed by WHO.[iii] Similar research by other security agencies and companies have seen the same trend. It clearly calls organizations to protect all employees, not just VAPs, by adopting a robust browser isolation tool. It is advisable that organizations plan for company-wide RBI adoption over a period. It’s like closing all vulnerabilities, known and unknown, that can act as entry points for hackers to take control of your network.

Organizations need to start their RBI journey somewhere and the VAP coverage in the first place is a step taken in the right direction. It will help them measure the benefits and impact of the implementation on the select group. However, they should expand the coverage beyond the core group eventually to reap its complete benefits. The pandemic times which have increased threat surface have given threat actors advantage as they can exploit a larger mass. Gradual coverage of broader masses in your organizations will dampen hacking attempts on your infrastructure.

Onkar Sharma

Principal Specialist – Content Marketing, Cyberinc