One of the most common things I was asked as a help desk professional while clearing up a virus for a client is "How did I get this?" My response was always the same. There is no way to be completely sure where the virus or malware came from, and it could be as simple as visiting a website that has been compromised or just clicking on the wrong thing within your browser. Even a site you frequently visit and consider safe, could get hacked and start serving malware to your computer.
Amid that reality, Menlo Security has a new approach to preventing these types of malware attacks. True believers include one of Japan's top Internet access providers, Internet Initiative Japan. Indeed, IIJ has just agreed to embrace this Isolation Technology in its secure web browsing service.
Currently, most security software serves websites by checking it against a 'good' and 'bad' database within the platform. This allows them to pass through the good websites and block the bad or malicious ones. This approach is definitely flawed, as it's impossible to keep these databases constantly up to date. Attackers are always changing their tactics and getting past these security platforms.
A new approach to browser security
The method that IIJ, in cooperation with Menlo Security, is using creates a completely secure environment that loads the website to protect the desktop from any malicious payloads within the page. It's like disarming a bomb inside a secure box. If the bomb happens to explode, the damage will be limited to inside the box. To the end user, though, this secure environment will be invisible. Users will still be able to use the standard browsers (Chrome, Internet Explorer, Safari, Firefox, etc), and can be unaware of the behind the scenes functions of Menlo Security's Isolation Technology.
This new service will be available as an added option to the IIJ Secure Web Gateway Service. Assuming this technology proves successful, I can see it becoming a standard in web safety and security. I may have to start changing my answer for clients questioning how their computer became infected.
Sarah Kimmel is a former MSP help desk manager. She blogs about IT management, mobile and security issues for MSSP Alert and ChannelE2E.