We Have Answers: Questions from the ‘How Virtualization Protects Your High-Value Assets’ Webinar
We always encourage our audience to participate in the discussion by answering polls and submitting questions to the presenters. Below are answers to the inquiries that came in during today’s session. If you didn’t get a chance to ask your question or would like to have a follow-up discussion with the Bromium team, feel free to contact us.
If you missed the live webinar, would like to listen to it again, or want to share it with your team, you can access the on-demand replay below . All registered attendees will receive a link to the latest voke Impact Note, which focuses on the need to protect high-value assets (HVAs) using innovative solutions such as Bromium Protected App.
Do I have to worry about insider threats?
There are many products on the market today that help prevent threats from getting in. But there are so many ways that bad things can get onto your network, from malware to credential theft. No matter how many defenses you put in place, there’s no way to know for sure what might be lurking out there.
It’s time to embrace the uncertainty and operate under the assumption that networks will be breached, and endpoints will be compromised and hostile. Instead of trying to defend against every potential threat from external hackers or malicious insiders, you need to change your mindset on protecting what’s most important to the organization.
New technologies such as Bromium Protected App can help you get comfortable with this new reality and secure your most critical data and IP.
Is this solution similar to Hysolate?
Hysolate is a fairly recent technology that splits PCs into multiple different domains. A similar solution was developed around 7-8 years ago by our founders in a product called XenClient. They designed a solution that divides a PC into different worlds, giving the users a choice into which world they want to perform their tasks in: an Internet world, a corporate world, or the world that has access to sensitive data.
Hysolate operates on a similar principle, ultimately leaving it up to the user to make the decision. Unfortunately, users are not very good at making these choices. If they select to do a task in a corporate world, there’s a good chance they might end up checking their Facebook feeds, or opening a personal domain only to switch to a work-related task a minute later.
What’s more, the VMs that are used to maintain those worlds are persistent, so any malware that manages to penetrate security layers will stay long enough to cause damage. With Bromium Protected App, we don’t ask the user to make the choice between domains, and we rely on single-use disposable VMs, so there’s no possibility for attacks to cause any real harm before the VM is destroyed, along with any malware it may contain.
What’s the performance impact of having multiple VMs on the same host?
Bromium has always been about running lots of VMs on a single PC – sometimes 30-40 different ones on all types of devices. We have been doing this for years, and have always focused on building the best hypervisor technology to optimize performance. With Bromium Protected App, performance is an essential consideration, and we are committed to providing the best performance for our customers’ devices.
Are you suggesting that we abandon our other security tools and just run Protected App?
This really depends on your situation and security needs. Some organizations will continue to deploy several security tools to protect their enterprise-managed PCs, networks, and applications. Bromium Protected App could be a complementary solution to help them enhance the security of their HVAs, in addition to other protections that they have put in place.
There are other use cases where companies find that they don’t need security tools beyond Bromium Protected App because they only care about securing one specific asset. One such company is focused on collectively editing content that’s hosted on a corporate network. Contributors connect to this content from all around the world, using devices that are outside of the company’s control. Investing in managing, patching, and protecting those devices is not important to the content provider, as long as the link to their IP remains safe and secure.
Another example is a company operating a call center, which employs contractors connecting to the corporate network remotely, from home, or other locations. Keeping their customer database safe is the company’s top priority, and Bromium Protected App is the only security solution they use to keep their critical asset safe from threats.
That’s it for questions. Thank you and hope to see you at our future events!