Georgetown Security and Software Engineering Research Center Tests Cloud Browser Security for Enterprise IT Networks
S2ERC’s Productive Browser Project reveals Authentic8 Silo virtual browser delivers greater malware protection than Google Chrome desktop model
Washington, DC – The Security and Software Engineering Research Center at Georgetown University (S2ERC) today released results from its Productive Browser Project that shines new light on the importance of security in the enterprise IT browser space. The study found that Silo, the secure cloud-based browser from Authentic8, provides enterprise users a higher level of protection from malware threats than Google Chrome (Chrome). A full report of the testing results can be found here (S2ERC Productive Browser Report).
S2ERC researchers conducted a series of rigorous security tests to measure the capabilities of the Authentic8 and Chrome browsers to defend against many of the typical malware threats encountered by enterprise users.
The goal of the S2ERC Productive Browser Project was to determine whether a virtual browser could provide sufficient security against malicious malware threats with minimal impact on the productivity of a typical enterprise end user. The project focused on validating security properties hypothesized as a result of isolating the web browser through virtualization technology. The research initiative studied the security capabilities of virtualized, cloud-based browsers in enterprise network environments.
“The goal of this project is to research the impact that virtual browsers can have on the security of computers in corporate IT network environments,” said Paul Brigner, S2ERC Managing Director. “Not only did we want to compare virtual browsers’ security against conventional desktop browsers but also test their capabilities while supporting a typical workload of enterprise applications to ensure there is minimal impact on users’ productivity.”
Browsers are often a high-value target and attack vector for criminals and nation states who can exploit their vulnerabilities as a gateway into cloud applications and the enterprise network. By doing so, cybercriminals can compromise the security of these software as a service (SaaS) business applications in the cloud while also being able to penetrate the on premises enterprise network itself.
TESTING APPROACH
To determine the practical security benefits of a virtual browser, S2ERC researchers first cataloged a set of typical attacks. The testing team compiled a list of websites containing malicious malware code using databases from security watchdog organizations malc0de.com and vxvault.net. After verifying that these sites contained malware. The S2ERC team attempted to download infected files using these websites using both Silo and Chrome on two identically configured laptop PCs that also had a standard enterprise antivirus software installed on them.
The S2ERC team attempted to download 54 files, eight of the data successfully infected the machine running Chrome while none of the sites reached the computer running Silo. In short, approximately a seventh (1/7) of the malicious sites visited by Chrome experienced a successful download while Authentic8 Silo virtual browser prevented downloads in all cases.
A further examination of the results found that Silo did allow sandboxed downloading of 13 files, or about a quarter of the sample. The sandboxing – or software isolation – of these files still provided protection from direct exposure to hardware systems.
When Silo downloaded a file, the browser sandboxed the file in cloud storage. Upon exiting the browser, the files were deleted. As such, these files never reached the test laptop nor reached the local enterprise network.
While sandbox downloading occurred in Silo with many of the malicious sites, many of those were blocked on Chrome by either the PC’s anti-virus program or Google itself. Thirty-six sites were blocked by the PC’s anti-virus programs, meaning three-fifths of the malicious sites were blocked by the cybersecurity add-on. An additional four sites were blocked by Chrome.
Still, the files that Chrome did download were able to successfully infect the computer. This allows for possible security breaches in an enterprise setting. While the anti-virus software should eventually find the malware, the ability for viruses to reach the computer posed a serious security threat to the users.
S2ERC PRODUCTIVE BROWSER PROJECT
The S2ERC Productive Browser project marks the second and final phase of its multifaceted virtualization research project exploring benefits of a virtual browser for secure Internet use by enterprises networks. The first phase of the research evaluated the performance of virtual browsers versus conventional desktop browsers on desktop PC and MAC computers.
“It was a goal of this project to explore and test whether an isolated cloud browser can be a mechanism for improving the security and compliance of enterprise networks and data,” added Brigner. The Productive Browser study validated that virtual browsers like Authentic8’s Silo help enterprises improve the security of their networks and data.”
About the Security and Software Engineering Research Center at Georgetown University
The Security and Software Engineering Research Center at Georgetown University (S2ERC) is a National Science Foundation (NSF) sponsored research center working on the safety, security, and stability of today’s communications networks. S2ERC uses applied and basic research to address the technology, policy, regulatory, legal, governmental, and business issues impacting secure networks. S2ERC research results create solutions to technical issues and enable vendors and service providers to offer products and services that real enterprises need and can deploy. Learn more at https://s2erc.georgetown.edu/.
Media Contact
For S2ERC: John Gates, Elevate Communications
o: 617.861.3651, c: 617.548.8972, john@elevatecom.com