IDG Contributor Network: Authentic8 wants to protect users from bad websites
Many of us have experienced that moment of terror when clicking on a potentially risky link: Will it all be fine or will I start a torrent of bad outcomes from my action?
But bad stuff sometimes happens and, sad as it sounds, sometimes the links we click on take us to dark places with bad outcomes. Authentic8 wants to limit those impacts by reducing the blast area of bad content.
Authentic8, the vendor that created the secure, virtual browser Silo, today announced that its browser will enable organizations to selectively redirect particular URLs for safe rendering within an isolated browser. The idea of this approach is that rather than trying to block any suspect content, organizations can let it through, secure in the knowledge that it can do no widespread harm. Authentic8 was founded by the team from Postini (an email security product acquired by Google).
Secure web gateway (SWG) solutions provide a reliable way for organizations to handle users’ web requests, allowing some sites to be accessed and others to be blocked. With Silo SWG integration, customers can now configure their edge gateways, proxies or firewalls to forward some or all web requests to Authentic8 for processing.
The integration with Silo closes a security gap inherent to most secure web gateway solutions. SWG vendors categorize URLs to enable a go/no-go decision for access based on groups of sites. This requires gateway vendors to keep their categories current, which poses a major challenge given the rate of change on the web and the diversity of URLs associated with the content embedded in the page.
Rather than be an ambulance at the bottom of the cliff, Authentic8 provides (and excuse the slightly skewed metaphor here) crash pads. So even if someone drives off a cliff, they won’t be hurt.
Authentic8 provides an isolated web execution environment
Unclassified URLs, those the vendor has not yet classified, represent a problem for IT: allow access and deal with potential security exposure, or block unclassified URLs and reduce efficiency of the business. Silo’s SWG integration now solves this problem.
“We built Silo to deliver a completely isolated web execution environment that was available from anywhere without compromises to security or data policies,” said Ramesh Rajagopal, co-founder and president of Authentic8. “We listened to our enterprise customers who needed integration with their existing infrastructure to preserve the native IT workflow. SWG integration was the logical next step.”
To use SWG integration, customers will receive an identifying token that can be embedded in any URL forwarded to the service. Authentic8 will return an encoded pointer for the user to automatically connect to a secure, virtual browser where the site can be securely rendered. Each user’s Silo instance is built with a policy defined by the customer.
Admins can enable a global configuration with a single policy, restricting key functionality such as upload/download, copy/paste, and free-form browsing to other web sites. Alternatively, customers can create specific web use policies for different groups of users in their organization. All user activity data is logged and encrypted with a customer-supplied public key.
Customers can choose which URLs are redirected to Silo. They can forward any of their current categories, such as social media or personal productivity sites, allowing users access without undermining security or compliance policies.
The scale of the problem that Authentic8 is trying to solve is huge, and it’s growing. There are, it is estimated, 50 billion URLs today, with only 30 billion categorized by typical content filters. That leaves 40 percent of all URLs as “uncategorized.” These uncategorized URLs can be forwarded, providing protection where the SWG cannot. By forwarding uncategorized URLs to Authentic8, IT no longer needs to balance access with safety.
This reminds me, at least at a conceptual level, of Bromium’s microvisor approach, which takes a similar approach to machine-level operations. I like this general approach and will be interested to see the uptake that Silo gets.
This article is published as part of the IDG Contributor Network. Want to Join?