Learn how hybrid work is fueling ransomware attacks and what to do about it.

Back to blog

Protecting the remote office: How to secure web browsers

Illustration of laptop using secure web browser

Share this article

When I was a kid, work was a place where you went. Your mom or dad left the house for some mysterious place and returned eight or nine hours later – usually exhausted and running short on patience. Work and home were things you could compartmentalize and keep separate.

But today, work isn’t someplace you go. It’s something you do. No longer tied to an office or a worksite, employees can log in from anywhere business takes them. It can be at an office, at home, or from the road. Users can access sensitive data from applications and Software as a Service (SaaS) platforms using a variety of devices. Almost all work is now done on the Internet – making the web browser one of the most critical business tools today.

Common web browser threats

Malicious actors know this, of course, and they target web browsers as a way to infiltrate devices and worm their way inside the network to identify and penetrate high-profile targets. They place compromised content on known websites or fake sites. They send spearphishing links to highly specific targets. And they spin up legitimate-looking web forms to capture users’ credentials. The goal, of course, is to trick unsuspecting users – typically far from the security controls of the data center – to unknowingly unlock access to their device or business applications by giving up their credentials or downloading malware or ransomware.

Unfortunately, legacy security solutions are ill-equipped to deal with the new way we work. Built back in a time when work was a place that could be walled off and protected from malicious actors, detection-based solutions rely on reactive tactics to catch cyber swindlers. Set definitions of good versus bad content trigger protections – typically in the form of blocking content. But in an era when work is something you do from anywhere, these static definitions of good and bad are woefully inflexible – leading to disruptive false positives and halting business altogether at times.

Web content – good and bad – is constantly evolving. What may be good one day is hardly guaranteed to be good the next. New websites that are essential to doing your job – or, on the other hand, that imitate essential websites – can be spun up faster than they can be categorized by URL filters. Threat intelligence can’t keep up with the amount of content being created and compromised by bad guys. Reputation scores can change at the drop of a hat, often multiple times across the course of a day. Even security solutions that are powered by artificial intelligence (AI) and machine learning (ML) need reputational evidence to detect malicious activity. By then, however, it’s often too late. Once they’ve penetrated the network, malicious actors can lie in wait, bide their time, and surreptitiously spread throughout the network, identifying potential targets until the time to strike presents itself.

Why Zero Trust helps security catch up

Taking a Zero Trust approach to security is a way for today’s highly distributed organizations to keep up with malicious actors. It doesn’t matter if content delivered to a web browser is good or bad, because taking a Zero Trust approach prevents any content from executing on a device, preventing malicious actors from getting a foothold and spreading across the network. Rather than blocking anything that seems malicious while letting everything else through, Zero Trust allows security teams to intelligently assign policies that stop malware in its tracks without producing false positives that sap IT resources and disrupt user productivity.

For example, you can apply granular site category control such as allowing access to uncategorized websites but disallowing users from entering their credentials. You can force read-only access for certain categories or for specific high-profile users. Or you can simply isolate everything, preventing malware from accessing the browser without blocking any content for users. The granularity of possibilities is endless.

Eliminate malware completely

The way we work today has made the web browser one of the most critical business tools, putting it straight into the crosshairs of threat actors. Malware, ransomware, and credential theft put the organization at great risk, because they can evade legacy security solutions that focus on a detect-and-respond approach. By leveraging isolation-powered security solutions such as a Secure Web Gateway (SWG), security teams can bridge this gap, ensuring that bad actors don’t have access to web browsers on endpoints. If malicious content cannot be delivered, threat actors have no avenue for traversing the network in search of high-profile targets. SWGs typically work by blocking malicious content based on policies set by security teams. Today, many organizations are opting to replace legacy on-premises proxies – which rely on backhauling all web traffic to data centers – with cloud-based SWGs that offer scale and global elasticity, seamless integration, and a single point of control.

The way we work has evolved drastically over the last decade, but the security surrounding it hasn’t. Learn how we make the Internet usage safe, seamless, and effective for all workers through our leading Secure Web Gateway. Determine which cloud-based SWG is right for you by downloading our Ultimate Buyer’s Guide.

Share this article

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.