Authentic8 Blog Category: Customers

85% of Infected Websites Are NOT Blacklisted

Website attacks increased by 59% in 2018, according to the 2019 Website Security Report [PDF] recently published by Scottsdale, AZ-based SiteLock, a provider of business website security solutions. Most of the attacks were automated, the company reports, with 330 bots staging on average 62 attacks per day.

So far, so not surprising - just wait, there’s more. Let’s look next at a significant aspect of the SiteLock findings. It illustrates how much the attackers behind such malware campaigns can rely on the inherent vulnerability of traditional browsers.

When someone visits an infected site, the regular browser dutifully executes the malicious code from the web on the local machine. From there, ransomware, spyware or cryptojackers can spread through the user’s corporate or home network. Game over.

“Not so fast,” you may object. “Our IT security team has many ways to prevent such exploits. AV/EPP/ATP, CASB, VPN, SWG/URL Filters…” Which brings up that other finding in the report

Cloud Browser Economics 101

We could go on all day long about the high price enterprises are paying for using traditional “free” browsers in their day-to-day business. Being respectful of your time, we addressed the core points in a short webinar titled Your Browser Betrays You (What is the cost of running a “free” local web browser in your organization?)

We frequently hear from customers how Silo, the secure cloud browser provided as-a-service by Authentic8, helped them realize significant savings. Customer survey results show:

Customer Survey Results: Savings Realized with Silo Cloud Browser by Authentic8

IT savings realized with the Silo cloud browser. Source: Authentic8

Before Silo, those resources - almost automatically, quietly - went to procure, maintain and update one or more components of a bloated security stack (think AV, CASB, URL Filter…). Its components were mostly aimed at preventing and mitigating the exploit and data loss risks associated with a locally installed browser base.

Because remote browser isolation with Silo removes these risks, enterprises can stop this point-solutions drain on their IT team and budget.

Update on Meltdown and Spectre Exploits

Three months ago, the industry was on high alert due to the publication of two new security exploits: Meltdown and Spectre see my prior post on this topic.

Since then, Authentic8 has aggressively updated its software at both the system and application level, from kernel to browser (and every patch in between). We have been actively monitoring our systems for security issues, as we always have and will continue to do.

These attacks did not represent a qualitative change in the security landscape but were a reminder that threats are always present. Some are known; most are probably not.

The Meltdown and Spectre threat reminds us that monitoring and rapid response are vital to our security and, by extension, the security of our customers.

While we haven’t seen any in-the-wild exploits that take advantage of Meltdown and Spectre, security breaches attributed to the lack of basic IT hygiene continue unabated.

We encourage you to re-assess - continuously - your basic security

Customer Spotlight: Employee Benefit Services

img_2014-09-02_EBS

CUSTOMERS

Employee Benefits Specialists, Inc. (EBS) is a national company that provides a comprehensive menu of benefits to organizations ranging from small businesses to national corporations and municipalities. EBS services include online enrollment and eligibility management, flex spending accounts, COBRA and retiree administration, voluntary insurance and invoice reconciliation and eligibility tracking. With so many services and programs to administer, ensuring the confidentiality of client data is both challenging and absolutely essential, because EBS is an active participant in their clients’ health care programs.

 

We are in the browser dealing with HIPAA data across 40 different websites. With single sign-on and data compliance controls, Silo kills two birds with one stone!

 

What problem were you trying to solve?

Initially, we purchased Silo to ensure that our international and regular banking transactions took place in a secure browser environment. Very quickly, however, we realized that Silo could address a major challenge for our Reconciliation Team. The Reconciliation team creates invoices for clients to send

Customer Spotlight: Northshore Dental Associates

img_2014-07-16_Northshore-Dental

CUSTOMERS

Northshore Dental Associates serves the Muskegon and West Michigan communities with comprehensive dental services. Northshore Dental believes there is a strong connection between oral and general health, and that good dental health is the foundation of a healthy well-being. Northshore Dental’s staff focuses on general and cosmetic dentistry and is committed to partnering with patients in delivering professional care in a comfortable environment.


"We feel more secure about sensitive client data and HIPAA regulated data in the browser."


What problem were you trying to solve?

Like any healthcare service provider, Northshore Dental deals with a variety of sensitive patient information. Personal information, such as Social Security data or client benefits data, is protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Our business staff is interacting with critical data across a variety of websites. It is common for our partners, insurance services, and health care providers to deliver information using a web-based portal. Given that a breach