By Antoine Korulski and Adi Goldshtein Harel, Check Point Software Technologies
Enterprises, like citadels, fortify their networks and data with sturdy walls (firewalls), vigilant guards (agents on endpoints), and advanced defence systems (cloud and IoT security). However, there is one vulnerability that has remained untouchable – the enemy infiltrators disguised as allies: unmanaged devices that belong to third parties such as contractors, partners, or freelancers. Just as you cannot ask a friendly visitor to surrender their weapons at the castle gate, you cannot ask contractors or freelancers to install intrusive agents on their devices, due to privacy and performance concerns. Furthermore, with today's remote work era and the widespread use of personal devices in the workplace, the challenge of managing these unmanaged devices is like a ticking time bomb, ready to blow up.
Web browsers serve as the primary interface between users, an organisation, and the internet: they render web pages, execute scripts, and store sensitive information such as passwords, cookies, and credit card details. The user is a major part of the risk (82% of breaches involved the human element). With rising attacks and breaches, the security of web browsers is a crucial concern for organisations.
Browser security is fast becoming a critical aspect of a comprehensive cybersecurity strategy. In this article, we will explore the importance of browser security, the threats that organisations face, and how they can manage unmanaged devices to ensure the security of their network.
Web-borne security threats
With the rise of SaaS solutions, web browsers have become the main interface between users and internet applications. Those web applications are an open door to many threats, such as data loss and malicious file upload, since there is often no endpoint security on third-party devices to mitigate the risks. A major threat, according to Verizon Data Breach Report 2022, has been phishing attacks, which saw a 74% increase in attempts sent per second in the last year.
5 common challenges and questions to ask yourself when allowing access to web applications from an unmanaged device:
- How do I manage access to these web applications?
- Do I have protection in place for my data? Can users download sensitive information to their personal computers?
- Can the user upload malicious files or other types of content to my organisation's web applications?
- Do I have visibility into the usage of data? Can data be copied, pasted, or printed outside of the web application?
How to mitigate those threats
As a security executive, you have two potential options to mitigate BYOD risks:
- Strongly limit the access of those unmanaged devices to your network and applications with inflexible policies, and impose a restricted VPN (Virtual Private Network). This solution limits risk exposure, but because the devices remain unmanaged, it offers your security team limited visibility and control.
- Another option is for an organisation to enable a web browsing security extension installed at the browser level. This solution is not invasive and allows your security team to manage policies for web page and web application access and for file downloads and uploads, and to protect against sensitive data leakage, among others. Furthermore, it offers IT security teams visibility into threats so they can mitigate them before a breach occurs.
In short, web browser security is crucial for modern cybersecurity, and organisations should take measures to secure their web browsers to protect against threats and sensitive information leaks and to maintain their reputation. This includes implementing security policies and using security software, especially given the rise of remote work and the use of personal devices in the workplace.