/ CYBERSEC

Why Has Remote Browser Isolation Not Been More Widely Adopted?

Remote browser isolation is the most effective way to protect your users against web based cyber attacks. It's a simple premise and one that everyone can usually get on board with, physically isolate the broswer and isolate the associated cyber risks in the process.

So why hasn't it been more widely adopted?

The short answer is cost, it can cost you a small fortune to physically isolate your users browsers and their browsing activity depending on which remote browser isolation technology you choose to do the job.

It's not just that existing remote browser isolation technology can make it ridiculously expensive to isolate lots of browsers over the long term, its also because the existing endpoint security spend in SMB's and the enterprise was so small to begin with, the two conspire to stifle adoption.

What Does A Business Spend On Endpoint Security?

According to Gartner you average business spends between $44 (locked down) and $68 (managed) per year, per user on endpoint security, depending on wether or not the workstation is managed or completely locked down.

This, relatively small, annual endpoint security spend includes the usual suspects, cybersecurity technologies like endpoint antivirus and firewall software, but can also include other security tools as well. This is the reality of endpoint security spend in your average business workplace and right now the remote browser isolation technologies and solutions on the market are just too expensive to fit into that budget.

Its a truism to say that businesses should spend more on cybersecurity than they are, but the reality of the situation is that most IT and cybersecurity teams have to work within very tight annual budgets. The only thing that really changes this is a successful attack on the business, the traditional time when most businesses wish they had spent more on cybersecurity.

Why Is Remote Browser Isolation Technology So Expensive?

That's a good question, thank you for asking. I have been working on this problem for the last ten years with the US federal government and for transparency purposes I am the CEO of browser isolation startup WEBGAP.

My team and I built the first commercial browser isolation platforms back in 2010 for the National Nuclear Security Administration, platforms which helped to protect the US nuclear arsenal. We hosted isolated browsers for thousands of federal government users and we based our platform on non-persistent desktop virtualization, a technology stack which is incredibly effective at isolating risk when leveraged for remote browser isolation purposes.

The whole time we hosted these platforms the federal government kept telling us the same thing, that we needed to get the price per user down to single digit dollars per user if we were to win their long term business.

Of course this just wasn't possible using virtualization and we knew this almost a decade ago, it's still the elephant in the browser isolation space.

The biggest problem our space has is cost, unless you have a big budget you can forget about remote browsers, at least if you try to build a solution with the virtualization based vendors. The reason for this is that virtualization technology is unfit for remote browser isolation, it's just not an efficient vehicle for handling the browser compute load at scale.

Virtualization based browser isolation platforms require a ton of hardware infrastructure and depending on their architecture, lots of SAN or a hardware appliance. This kind of infrastructure does not scale well if you have a lot of users, something we already knew from server and desktop virtualization.

Any browser isolation technology worthy of future mass adoption has to be able to tick two boxes, and in doing so solve the biggest problems in browser isolation:

Your Platform Needs To Be Able To Scale - There are one hundred million internet users in the US who use the internet at work, in this context scale doesn't mean 10k users, it means a million users. If your platform cannot scale to 1,000,000 users without breaking your bank or infrastructure team then your platform is not fit for purpose, at least as far as the enterprise, cloud service vendors and managed hosting providers are concerned.

Your Platform Needs To Be Cost Effective - It all comes down to the money, if your solution is not cost effective then it will not be adopted in any major way. For sure you can make some money selling your solution to the wealthier organizations who can afford your tech, but as I mentioned earlier the market is millions of businesses who simply do not have the budget. If you cannot provide a remote browsing service to your customers for single digit dollars per user per month, then you are doing it wrong.

These are the two biggest reasons that remote browser isolation has not been more widely adopted, the current crop of vendors are too expensive and do not handle very large scale well because of their technology choices.

My team and I learned this the hard way over the last ten years and while our competitors have tried to make hay with their virtualization based browser isolation technologies, we have been beavering away building WEBGAP.

WEBGAP is a massively scalable and cost-effective remote browser isolation platform based on a containerized and grid distributed architecture, one that requires ten times less infrastructure than virtualization based platforms.

While our competitors have been busy justifying the cost of their solutions by comparing them to the potential costs of a successful cyberattack, WEBGAP have quitely been solving the real problems in the browser isolation space.

Call me crazy, but I believe that remote browsers will only become widely adopted when the real problems of cost and scale have been solved.

I would argue that the our space has a responsibility to solve these big problems, instead most vendors in the space are using fear to sell their expensive and bloated virtualization based remote browser solutions.

Fear not dear reader, I am going to teach them a lesson.

Main Image Credit : The awesome piece of artwork used to head this article is called 'Dolla Dolla Bill Y'all' and it was created by graphic designer Tom Wellington.

Infosec Scribe

Infosec Scribe

Founder of @Secjuice and freelance writer for discerning #infosec organizations and publications. I like to help others find their voice and tell their story. - @InfosecScribe

Read More
Why Has Remote Browser Isolation Not Been More Widely Adopted?
Share this

Subscribe to Secjuice.com