As a leading Email Intelligence company with researchers and analysts around the world, Return Path conducts 24x7 analysis of email and web data in order to provide better information to their subscribers. The research and certification process involves accessing web sites that are known to be compromised. This can put corporate resources at risk - both the users’ computers and sensitive company data.
What problem was Return Path looking to solve?
Security and Compliance analysts at Return Path need access to risky, malicious, and exploited websites in order to research phishing, fraudulent and otherwise corrupted properties associated with email traffic. Due to the malicious content being accessed and the browser’s inherent co-mingling of data, using the default browser on the user’s computer was not an option.
Users needed a separate browser that was fully insulated from the work environment. Analysts could time-share a dedicated PC, which was re-imaged after each research session. Or they could create a virtual OS instance on a partition on their local machine, and access the default browser in that environment. Both scenarios were costly and time consuming to administer. And for users, once they were inside the browser in the virtual instance, the workflow between the internal case tools and the browser broke down.
Return Path needed a way to create a safe and stateless environment on-demand on each user’s machine, without a fundamental breakdown of the analysis workflow. They needed an environment that was ‘disposable’ and fully insulated the computer and data, but was available in-line with the users’ tools, supporting things like browser plugins and copy-paste.
How did you deploy Silo?
Evaluating Silo was as simple as a download and launch. Return Path installed Silo on a handful of user’s machines and tested the service against certain websites. At the same time, Authentic8 worked with Return Path to identify and admin who could create new accounts for additional users, provision any web apps and set any policies. During the extended evaluation period, users across a variety of functions used Silo. While the core use case is in security research function, other groups have access to Silo and take advantage of account provisioning, credential management and policy controls. The ability to define an organizational hierarchy within Authentic8 allows administrators to manage and monitor configurations for different users across the company.
As a customer, Return Path has complete admin rights over their deployment. Users can be added, moved, or removed based on business needs. Pricing is a straight subscription model, including all admin tools, unlimited devices and configured web apps.
"We’ve had diverse adoption of Silo across the organization, and we’ll be looking at Silo as part of a larger BYOD initiative."
What is life like using Silo now?
We’ve had diverse adoption of Silo across the organization. It hasn’t completely replaced the browser that users have, but it has become a standard way to access sensitive web sites. Inside the Cert and Anti-phishing teams, users are continually bouncing into and out of Silo and the on-demand nature of the service has improved their processes. In of the other functions where Silo is used for regulated access to particular web apps, usage is less frequent, but the incremental security and account access controls are quite valuable. We’ll be looking at Silo as part of a larger BYOD initiative.