Browser Isolation: Types Explained

Rick Deacon
3 min readAug 10, 2020

Cybersecurity threats have evolved. At one time attacks came through direct email or text messages. Now browsers are the greatest avenue of vulnerability, be it from malware, phishing schemes or most other type of security attack.

The new focus on the browser means cybersecurity experts have to find new and novel ways to protect against attacks. This new innovation in security is browser isolation. Not all kinds of browser isolation offer identical levels of protection, however. In addition, some variations of this technology detract from user experience and leave businesses without data critical to full functioning of their operations.

This blog post is an in-depth assessment of the types of browser isolation. It clearly identifies the advantages of using native browser isolation in cybersecurity strategy.

What is Browser Isolation?

Browser isolation is exactly what the term implies. It creates a gap between end users, their browsers, and the internet. This helps to prevent attacks from reaching the vulnerable systems of end users.

There are two primary ways to achieve browser isolation. While all achieve some level of protection, it is native browser isolation that comes closest to creating a bubble of protection against the digital world — instead of merely a castle with a few high doors.

Remote Browser Isolation

In remote browser isolation, the solution streams the internet to the browser of the end user. That browser is cloud-based. This separates the online activity through the browser from the end user’s systems.

This solution is a challenge to maintain. It can detract from the user experience, in particular by blocking access to sites that are safe. This means on-site IT staff must create a list of site exceptions that is continually updated. The maintenance takes time, and costs money in addition to adding to staff frustrations.

On the business intelligence side, it’s notable that remote browser isolation does not collect user data. That may be an advantage privacy-wise. But as companies know, user data is valuable and most organizations want access to that information. Remote browser isolation prevents this.

Perhaps most strikingly, remote browser isolation has specific vulnerabilities when it comes to cyber protection. This solution cannot stop phishing. Guarding against that particular threat comes via a downloaded list of known threats, which of course is always behind what’s actually out there.

Other security threats, in addition to phishing schemes, may also slip past the air gap. In summary, it’s better than current browser security technology, but is less than ideal for security.

Native Browser Isolation

Apozy’s solution is Native Browser Isolation. It is cloud-based, but uses technology within the browser to create a sandbox. This means there are no changes to user experience. There is no need to create exception lists. At the same time, there is no risk of clicking on a “bad site,” since Apozy’s proprietary visual intelligence spots those sites and makes the page read-only.

Native Browser Isolation is the only solution that prevents phishing, malvertising, malicious downloads, and all other browser threats in their entirety. In addition, this technology can report data around incidents. It reports data behind SSL, replacing SSL inspection.

An expert recently noted that was sets Apozy apart is not only its efficiency and efficacy, but the fact that it uses the browser’s existing technology. As a result, there is no need for additional hardware or IT staff time to make sure that the browser works the way the end user expects. In fact, the end user should notice virtually no difference between accessing the internet using the Apozy product and using any browser without this technology — except that they won’t be bothered by web attacks.

Want to learn more? Check out Apozy’s Airlock — powered by Native Browser Isolation.



Rick Deacon

Founder, Interlock. Hacker interested in startups, blockchain, and cars