The cyber world threatens us all and keeps us constantly busy. The Internet is the main source of attacks, many of which are passed on to organizational users through everyday Internet browsing activities or through the use of Internet applications. Attackers easily bypass protection mechanisms, such as scanning of signature-based malware, firewalls, and secure gateways. Browser-based attacks are the primary threat vector of attackers, where the target is the end user, but they are not the only ones. Browsers are the central attack platform and are an easy target. No matter how well we think we have protected the organization, it is never enough. This can be seen in the recent increase of Ransomware attacks.
Organizational end users perform many activities on the Internet, from browsing websites, through downloading files, to using applications such as Skype and more. To protect the organization from threats such as ransom software, information theft, suspicious links, and fraud, organizations try to integrate many different layers of defense systems. Solutions such as – firewalls, web filters, sandboxes, honeypots, antiviruses, and more – are found in almost every organization. Each system tries to address a very specific problem or a very specific attack. Information security managers try to create a mix of systems in the organization, in order to provide as good a solution as possible to problems, but this is never enough.
The multitude of defense systems implemented in every organization constitutes a great challenge for management and control, and of course it presents a budgetary and economic challenge. The extent of the organizations’ investment in information security solutions constitutes a significant part of the budget, and it is growing at a dizzying pace each year. After a significant period in which the solutions in the market have tried to prevent attacks and damage, other solutions have been developed that place the focus on identifying and treating the damage when it occurs. In other words, the market already understands that to think we can succeed in preventing damage is an illusion, and that it really is impossible to prevent damage to organizations.
Disconnecting the Internet from the user’s endpoint
Today another solution takes a different approach. The solution of Crusoe Security, the leader in Israel, is the isolation of work stations from the Internet. Disconnecting the Internet from the user’s end station prevents about 70 percent of the threats on the end stations, and distances them to a remote environment. In an article by Gartner, it was recommended that every decision-maker examine the solution of remote browsing and Internet isolation in 2017 as one of the most significant solutions by which an organization can reduce the ability of web-based attacks on users to cause harm.
The advantages of using an Internet isolation solution and using a remote browser are immediate. End-user workstations and the organizational systems are kept isolated from attacks originating from the Internet or that use the Internet to carry out the threat. The Internet isolation solution and a remote browser can protect the organization from browser-based attacks, plug-ins, and zero-day attacks. Attacks will occur, but their ability to cause damage is kept isolated in the remote environment (DMZ or cloud). The user station can still be infected by threats, such as ransom software or spyware from other sources such as e-mail, or files that are transferred through virtual safe services, but even in those cases, the same threats will not be able to carry out their operation or be activated because the station does not have an Internet connection.
Nevertheless, such a solution holds many challenges, such as:
- End-user experience
- System performance
- System resources required
- Download/Upload of files
- Connection of peripheral devices
- Use of various web applications
- Interfacing with other security organization’s systems (SIEM, web filtering, AD, Sanitation products, etc.)
- ROI and TCO
Crusoe provides a complete and optimal solution to all of these challenges and brings with it all of the advantages of Internet isolation and remote surfing while maintaining an excellent user experience and great performance.
Proven technology and ROI
Crusoe Security uses leading and proven protocols such as Citrix XenApp, VMware Horizon, Microsoft RDS and Linux RDP in order to implement the solution optimally and securely, which can be applied both as a local installation and in a cloud configuration. Cloud configuration application also significantly increases the ROI of the solution due to the effective utilization of the computing resources required for running the solution.
Crusoe Security’s solution is the leading solution in Israel for Internet isolation, and is installed in leading organizations in Israel in many sectors, including finance, services, government, and security, with a proven ability, many features and rich experience, and has successfully passed many penetration tests in these organizations.
“The Internet isolation solution and a remote browser can protect the organization from browser-based attacks, plug-ins, and zero-day attacks. Attacks will occur, but their ability to cause damage is kept isolated in the remote environment (DMZ or cloud).”