Remote browser isolation (RBI) has its merits for safe access to risky websites and uncategorized content, plus newly registered, observed, and parked domains. Each user gets a remote container where website code and scripts execute so no malware can infect endpoint devices, while also preventing cross-site scripting, web-based attacks, and phishing prevention. This targeted use of RBI is the leading use case with secure web gateways (SWGs) to enable safe browser-based access using interactive browsing sessions where all webpage content is rendered and streamed as pixels. However, the demand for RBI is increasing into new use cases that require extending its utilization as a key inline web defense.
Hybrid working environments and our post-pandemic world now mix work and personal access to websites, social, messaging, chat, email, and unmanaged SaaS applications. Almost every interaction in our lives involves online appointments, status updates, application portals, and online transactions versus using the phone and talking to another person. Providing safe access to personal websites and unmanaged cloud applications while protecting company endpoint devices and users presents a new extended RBI use case.
Netskope Extended RBI now provides safe access to six web categories tied to personal use, including:
- Cloud Storage
- Webmail
- Chat
- IM & other communications
- Professional Networking
- Social
For safe access to personal unmanaged web applications, 18 are provided within Netskope Extended RBI including:
- Box
- Dropbox
- Google Drive
- Google Gmail
- iCloud Drive
- Line
- Microsoft Office 365 OneDrive for Business
- Microsoft OneDrive
- Outlook Live (OWA)
- Proton Mail
- Telegram
- WeTransfer
- Yahoo Mail
And that is not all, administrators can also invoke Extended RBI by application risk, application tags, or by destination country.
Personal cloud storage and webmail have a known history for malware delivery and data exfiltration, as Netskope Threat Labs research from July 2023 notes 57% of threats are cloud-delivered, mainly from personal instances and unmanaged applications. Microsoft OneDrive has remained at the top of the list over the years, however, but has been falling in the past few months for delivering malware. Bypassing M365 apps is a risky policy choice as cybercrime continues to leverage the advantages of cloud app infrastructure and delivery.
The choice to block personal websites and applications can frustrate users trying to balance work and life priorities while using company-managed devices. There is another choice using Extended RBI to provide safe access to these websites and applications with data protection and DLP on file uploads and threat protection defenses for file downloads. Web and application content is isolated for safe browsing and interaction, file activity is protected, and inline application connectors provide the same visibility for isolated application activity as they do for normal application traffic. Netskope real-time coaching can also alert users to safer alternatives, collect justifications for data activity, and advise users to cancel or accept the risk for business transactions.
Case in point, your company-managed office productivity applications are impacted, and users need to use alternatives to communicate, share files, or deliver content to third-parties. Real-time coaching enables users to provide a justification for using their own personal cloud storage and continue with their business transactions whereas blocking access would impair the organization. Extended RBI becomes part of your business operations resiliency plan when primary managed SaaS has an outage and alternatives are quickly required.
Plus, in a competitive world for IT and employee recruitment, the ability to provide a safe and highly productive environment is vital for success. Broad based blocking policies can result in increased help desk tickets, frustrated users, and may impair business operations when an alternative saves the day. Extended RBI safely enables website and unmanaged application access and protects file uploads with data protection and file downloads with threat protection. Learn more about Netskope RBI and Netskope Intelligent SSE at these links.
