Today, documents like PDF, Microsoft Word, PowerPoint, etc. that include active content can be “weaponized” and used to deliver malware to unsuspecting users, making them an effective vector for attackers. Blocking access to all documents is one way to address the problem, but it’s not practical; users need access to documents to do their jobs. So how do you determine which documents to allow and which to block? No system that tries to distinguish 'good' from 'bad' content can ever be perfect, and therefore any security soluton that allows web-based content to reach user devices exposes organizations to significant risk. The only way to reliably prevent attacks via web-borne malware is to never allow any active content—good or bad—to directly touch end user devices.
The Menlo Security Document Isolation Service protects enterprises from cyber attacks by isolating and rendering the most common document types—including PDF, Word, Excel and PowerPoint—in the cloud away from endpoints, eliminating malware before it can reach user devices. Only safe, malware-free rendering information is sent to the native browser on the user’s endpoint. With Menlo Security’s Isolation Platorm (MSIP) and unique Adaptive Clientless Rendering™ (ACR) technology, users enjoy a safe, transparent viewing experience using their native browser, without the need to download or install endpoint sofware or plugins.
In the event an administrator chooses to allow the download of original documents, a cloud-based anti-virus scan and sandbox can be added to ensure that only documents free of malware can be downloaded, even if they are password protected.