by Tova Osofsky
Posted on August 1, 2023
Want to interview Tova?Contact
In a surprising – and ironic – case of “Do as I say, not as I do,” Google is running a pilot program that cuts off some employees’ web access in order to reduce the threat of cyberattacks.
In effect, Google is waving the white flag on their own products. Admitting that the web is too dangerous, too frequently the delivery medium for cyberattacks. Implementing a nuclear option to address the discomfiting fact that malware from the web, delivered to one user’s device, often triggers a major corporate security breach. And, as often as not, does so via Chrome, Gmail, Google Ads or Google Docs.
Admittedly, the internet is a scary place. Every time a user surfs the web or clicks on a link in an email, they may potentially be triggering devastating malware that could lock up company data, steal valuable secrets, or quietly infect networks, allowing malicious actors to lurk for months or years before acting.
The Google Pilot’s approach is certainly one way – although in our opinion, not the best way – to protect organizations from the dangers of the internet. Log out. Just stay away from the internet. The problem with this approach – beyond the very significant fact that most work today requires internet access – is that as long as anyone is online, the risk remains.
Every tech company has secrets it wants – needs! — to protect. Based on its size and success, Google undoubtedly has more, and more valuable, secrets than most. Its DeepMind AI research lab, Magi AI chat-driven search project, and in-house incubator where employees can pursue passion projects are just three examples.
Having a great deal to lose from theft of its intellectual property, Google takes cybersecurity very seriously. So seriously, in fact, that in 2017, it required all users to authenticate with physical security keys. Now, according to CNBC, the new pilot program has select employees who work on highly sensitive projects working on internet-free desktop PCs. The reasoning is that they are not on the internet, they cannot lose sensitive data over the internet.
The pilot program originally included over 2,500 employees. Based on feedback from users, the company decided to allow at least some employees to opt out and others to volunteer to participate. Google is also disabling root access for some employees, which would eliminate their ability (and the ability of any hackers) to install software or run admin commands.
Employees in the pilot program still have access to internal web-based tools, and Google-owned sites such as Google Drive and Gmail, which may go a long way to explaining why all participants have not opted out.
While blocking access to the internet is certainly one way to protect against internet-delivered cyberthreats, it is a very radical one. It might work for some small subset of employees who work in a “silo” and don’t need to know what the competition is up to, don’t need to access public web-based tools, and don’t need to interact with vendor or customer websites. But for the vast majority of employees in today’s wired world, disabling internet access is simply not a practical approach to cybersecurity.
In fact, in recent years, the TV and video content industry has travelled a path that is the reverse of Google’s. Not because they have grown less cautious about the risks of IP leaks or malware attacks, but rather because they found a solution that enabled them to have it all – bulletproof protection from data loss and a solution that prevents even undetectable internet-borne malware like zero days from getting in.
Few industries are as protective of their content as the major motion picture (and now streaming service) studios. All information is strictly controlled and doled out in accordance with strict marketing plans, designed to build the suspense that generates huge opening box office and hefty ad revenues.
But today, filmmaking is a more collaborative process than ever before. Hundreds of internal artists as well as employees of independent visual effects studios provide specialized services for the majors, ranging from color correction to animation and CGI. Until a short while ago, MPA security guidelines required artists to use workstations with no internet access due to risk of IP exposure, whether intentionally, accidentally, or through cyberattack.
Sound familiar, so far? Here’s where our stories diverge.
Beyond being irksome for users, internet separation introduced significant inefficiencies into the MPA Trusted Partner Network (TPN) studios’ work. Additional workstations, staffed by dedicated IT teams, were required to handle user requests for materials that they would have otherwise downloaded themselves within seconds. The request-download-sanitize-transfer process could take hours or days. If the content that a user requested turned out to be not exactly what was needed, the request/wait cycle would start once again. The burden, in terms of cost, productivity and user frustration, was simply too great.
In recent years, MPA has approved use of Remote Browser Isolation (RBI), a powerful technology that enables studios to prevent exposure of valuable IP and web-enabled cyberattacks without full workstation separation from the web, and without exacting tolls on productivity and profitability.
Ericom Web Isolation is a Zero Trust solution that operates on the assumption that all internet content is dangerous, and that data that can escape, will. Instead of restricting user access due to these risks, Web Isolation leverages RBI to “airgap” devices and endpoints from the internet. Websites are opened in the cloud and only clean rendering data is sent to the user device. To prevent credential theft, suspicious sites delivered via links in emails or social media posts can be opened in read-only mode. Downloads are sanitized via Content Disarm and Reconstruction (CDR) and arrive with desired functionality intact. Data loss protection (DLP), data sharing, and access policy controls are applied in the cloud to block confidential data, PII or other sensitive information from being lost.
Unlike traditional secure web gateways and firewall solutions, which only protect against threats they can detect, Ericom Web Isolation protects organizations against undetectable threats like the zero-day exploits that cybercriminals deploy. Yet it fully protects users, devices, and networks from the sorts of web threats that concern MPA studios and Google alike. Users still get full access to the web and cloud apps, yet organizations are safeguarded from threats via the clientless, cloud-delivered, isolation technology.
Google’s dramatic pilot program illustrates just how dangerous the tech giant considers the internet to be. Staying off the internet is certainly one way to avoid much cyber risk, much as staying home allows you to avoid injury in a car accident. But for organizations that value speed and productivity as well as security, Ericom Web Isolation providers a smarter, more reasonable approach. Google should consider it, too.
The FBI-led takedown of Qakbot was an operation that involved seven countries. Malware was removed from 700,000 computers. But don’t think all that makes you safe.
Generative AI empowers its users to work fast, better and more efficiently. Alas, this includes cybercriminals, who are using malicious GenAI platforms to accelerate zero-day exploit creation.
Cybercriminals love the multiplier effect they get from attacking law firms: Hack in, and they get firm data PLUS juicy confidential client info.