One of the most interesting developments around enterprise applications is a new cloud-based security control layer for browsers that enables airtight utilization of any personal connected device for secure business use.
Startup Authentic8's service enables a browser session to take place within a secured container; the session then disappears completely after the task is done with no audit trail.
Equipped with Authentic8's cloud service, any browser can be secured by enterprise policies ahead of time based on the needs of the business and the employee. Because it's all about the browser, any connected device can be used at any time to do the work.
Obviously, the implications of this service for enterprise BYOD policies are numerous. Since the vast majority of crimeware, rootkits, spyware, viruses and other Web-transported malware enter a device via the browser, this effectively cuts the head off all those problems.
Throw Away the Session When You're Done
Users have the ability to launch a browser instance, use it, and then throw it away without burdening the local system. Researchers can conduct research without compromising local environments and tipping their hands to potential intruders.
The news from Authentic8 on Oct. 23, which makes the Silo cloud-based secure browser for business, is that it has expanded its product capabilities to include resources designed for information security research, incident response, emergency readiness, anti-fraud, and more.
Where Silo is designed to control the use of Web-based services by executing in a sandbox and implementing data-level policy controls, the new configuration, called Toolbox, brings the same isolation but includes features necessary for researchers to do their jobs more securely.
"These enhancements for infosec researchers are a direct response to the needs of our users," said Scott Petry, founder and CEO of Mountain View, Calif.-based Authentic8. "Silo is a platform, and we will continue to enhance and extend its capabilities.
"Our customers are constantly pulling Silo into new business processes. By moving the browser to the cloud and by extending the environment with a policy and configuration capability, they have embraced Silo across industries and roles."
Researchers Have Additional Requirements
An early step in the information security research process is to access web content using the browser, Petry said. Thus, teams need to connect, download or store content, and perform analysis of malicious web code. Whether the user is a law enforcement agent or a compliance agent at a company, they need to conduct this research without exposing their environment to malware or revealing their identity. Toolbox is designed for this, Petry said.
Some key data points about Authentic8 Silo Toolbox:
--Toolbox is a browser built on demand at session start and destroyed at session end. This ensures that there is no data residue session over session.
--The browser executes in a sandbox on Authentic8's servers, creating an insulation layer between target Web code and the researchers network and device.
--Toolbox includes a temporary file system that allows data to be downloaded within the sandbox to be analyzed, manipulated, or uploaded to other Web-based services.
--Researchers can spoof different browsers and devices in order to analyze various types of Web code the target server delivers.
--Toolbox can be configured to exit to the Internet from different international locations via Authentic8's private global network of exit nodes. This means that a researcher can work safely at their desk, while appearing to be a local computer on the other side of the world.
--Researchers can run multiple configurations of the Toolbox browser in a single Silo session, meaning that researchers conduct research processes in parallel, rather than a dedicated machine model.
The idea is to make Toolbox an ideal on-demand, secure, and anonymous research tool, Petry said. Using Toolbox frees teams from the current pain of re-imaging dedicated systems, setting up private sub-networks, or implementing costly and dangerous local sandbox solutions.
Authentic8 was founded in 2010 by principals from Postini, a secure email cloud service that was acquired by Google in 2007 and whose components are now being used in Google Apps.