A remote browser allows users to access and interact with websites via a benign video display of web code rendered in the cloud. Remote browsers are either remote appliances with just enough operating system to run, or standalone applications in a virtual machine that contain a copy of the entire operating system. When organizations use a virtual browser, untrusted web content is rendered safely within a secure cloud-based container, with the end-user viewing the session remotely. The workstation only receives a harmless video and audio stream of the cloud browser session, preventing malicious code from infecting the user’s local workstation. The user can still view, interact with, and process web content using a familiar interface; however, it is in a completely safe manner that isolates the untrusted web from the trusted internal organization network.
Commercial browsers like Chrome, Firefox and Safari allow web code to execute on a user's desktop computer or mobile device. These browsers are tightly integrated with the operating system, and facilitate tracking and browser fingerprinting even if the user is in private browsing mode. Remotel browsers keep web-borne threats such as malware off an investigator’s device and internal networks, keeping enterprises and government agencies safe.
Both the remote browser and the isolation (remote) browser are logically or physically separated from a local computer's underlying operating system. A remote browser can run in a remote environment on a local computer (logical separation), or in a cloud-based service (physical separation).
An isolation browser is a form of remote browser that is physically separated from the local system and runs entirely in the cloud. Partial isolation browsers can still pose some risk to investigators because after they inspect web content, they still download it to the local computer. Full isolation browsers don’t download anything from the web, allowing online researchers to safely view and interact with any type of content.
All online investigators encounter cyber risk. Any link you click on, or site you navigate to, poses a potential risk of malware that could download to your device and can spread to the network. Malware comes in all shapes and sizes – from ransomware that could shut down your entire network, to keyloggers that can track everything you type. This is why browser isolation is important — particularly in investigations that will likely encounter bad actors or risky content, as in law enforcement investigations — to keep absolute separation between the browsing environment and the device. A remote browser provides a full browser experience without the risk of exposure to malware.
But there’s another risk particular to investigators: tipping off investigative targets simply because of how most commercial browsers work. Traditional browsers like Chrome, Firefox or Safari track users during — and even between — browsing sessions and obtain an array of information about their device, browsing activity and more.
Tracking mechanisms are designed to tailor browsing experiences based on your location, device settings, browsing history, browsing behavior and details of the browser itself. These details are not just collected by the browser, they’re conveyed to the websites you visit and their owners. For investigators, these practices hold a real risk of exposing their identity and intent, which could force criminals deeper undercover, compromising the investigation, or even inviting a personal attack. Using a cloud-based remote browser can give you a fresh browsing experience in every session, eliminating persistent tracking mechanisms that follow you as you search — even after you close and relaunch the browser.
Each time you launch a remote browser, you start with a clean slate. This means the search terms used, websites visited, browsing patterns, time of use, shopping preferences, etc. won’t reveal your identity.
Remote browsers also allow investigators to manage their attribution — customize how they appear to sites and people they interact with online through the manipulation of their digital fingerprint. Aligning language and keyboard settings, browser type, OS and other device details — as well as the internet egress location — to those common for typical visitors on sites of interest will avoid tipping off the site’s operator/owner that they’re under investigation.