When a cyberthreat enters its target perimeter and begins the attack, the only thing one can do is try and minimize the damages as much as possible. But what if there was a way to trap such threats before they make it into the system?
As is known, malware detection tools for PCs and other devices usually warn you about threats that have already entered the system and provide ways to get rid of them as quickly and cleanly as possible. But what if the damage is already done and your perimeter has been breached?
There are solutions to such issues, such as services for capturing, disseminating, and disarming threats in a safe environment. With that in mind, Cybernews sat down to talk to Mor Miller, the Vice President of Business Development at BUFFERZONE – a security solution provider. We discussed how to deal with cyberattacks that are yet to happen.
BUFFERZONE started out more than two decades ago. What has the journey been like since?
BUFFERZONE evolved from Trustware (we changed the name to BUFFERZONE due to SEO and trademarking considerations). During its first decade, the company provided technology to expert home users looking for an easy-to-use sandbox for safely testing malware and other suspicious documents and executables. In 2014, the company launched with an enterprise focus, simplifying the technology by automating it for the average home and business user and adding a cloud layer for managing the containers. More recently, we introduced a standalone edition for seamless safe browsing and other security aspects.
Can you tell us a little bit about what you do? What are the main challenges that you help navigate?
BUFFERZONE endpoint isolation and containment keeps access to external, untrusted content, such as Internet sites, emails, or network drives and removable media in a virtual container, along with processes started by those sessions and anything they save or download. Contained processes cannot reach the native endpoint or organization resources such as an intranet; those are accessed only by uncontained browsing sessions and applications, which can’t have accessed untrusted sites.
One of the main challenges that users face (and that we address) is connecting to the Internet securely and comfortably and handling documents received via emails, USB, and network shared folders. At the same time, the desired solution cannot disrupt important, time-sensitive business.
What methods do you use to detect threats without compromising the user experience?
BUFFERZONE doesn’t need to detect anything. BUFFERZONE proactively protects users from advanced threats that evade conventional endpoint security products. Unlike detection technologies, BUFFERZONE takes a different approach to stop threats with a patented technology that isolates untrusted content from browsers, email, and removable storage in a secure container.
Did you notice any new threats emerge during the pandemic? Were there any new features added to your services as a result?
During the pandemic, some new threats emerged, and previously-existing ones, such as ransomware, intensified and re-emerged with new, more lethal strains. The workforce left their "protected" office network and started working in unprotected networks, where they are more vulnerable to attacks. A remote workforce comes with numerous dangers, with employees relying on their home networks – and sometimes their own devices – to complete tasks. The most obvious risk is that most of our tasks are conducted online.
Is endpoint security only relevant for big enterprises, or should small businesses implement this measure too?
Endpoint Security is relevant for both large enterprises, small businesses, and individual users. Building, implementing, and maintaining a comprehensive computer security program is quite a challenge for any organization, but especially so for small and medium-sized businesses (SMBs) with limited budgets and small IT and security staff. Nevertheless, it’s an absolute necessity. If your organization doesn’t have a strong IT security program, you’re playing a risky game. Many small businesses don’t have a large budget for a comprehensive layered security stack, so BUFFERZONE is a perfect solution for them, as it doesn’t require extensive IT staff or budget. As a matter of fact, BUFFERZONE can reduce the need to chase alarms and false alerts.
Despite the recent rise in ransomware incidents, many companies still hesitate to upgrade their cybersecurity posture. Why do you think that is the case?
Most companies are committing to change and are elevating cybersecurity risk to their top priority. Some smaller companies hesitate to upgrade their cybersecurity posture due to the level of complexity and cost associated with maintaining it.
What actions should organizations take immediately in the event of an attack?
A full answer to this question would depend on many factors. In any case, the first step is to notify the FBI.
In your opinion, what cybersecurity measures are must-haves these days, both for organizations and individuals?
In my opinion, both organizations and individuals should seriously consider a multi-layered approach to protect their most important digital assets with a focus on what you can do to secure your largest most vulnerable attack surface – the endpoint. By isolating and preventing attacks as they enter your environment, you can vastly improve your risk posture and give your employees the latitude to work without fear of allowing malware and other threats in the company. Start with prevention. Prevention is by far more cost-effective as a security measure than trying to detect when an attacker is already within your system. Moreover, once you are in the detection phase, you might also be experiencing actual damage.
Share with us, what’s next for BUFFERZONE?
BUFFERZONE is quickly becoming the default additional layer of protection next to AV/EDR by Microsoft and other players. Starting this year, selected top seller Lenovo PCs ship from the factory with a BUFFERZONE license. We will see containment becoming a centerpiece of the defense strategy for SMB and larger enterprises, delivered by MSP/MSSPs – mainly due to the added protection, simplicity, and cost-effectiveness to the service providers and the end-users.