How Cloudflare Browser Isolation protects your business during remote work

Amid an ongoing global pandemic and anxiety around new virus variants, remote and hybrid work are primed to become the new normal. Unfortunately, an increase in reliance on connectivity always corresponds with a jump in data breaches. What many do not know is that web browsers, the tool on which most workers rely for critical business applications - both in office or remote - represent one of the most difficult to control attack vectors.

First, browsers remain vulnerable to cybercriminal attacks such as browser-borne malware and zero-day threats. What’s more, a company’s internal user may copy-paste sensitive data into another website, application, or physical location. These actions, however innocent in many cases, can lead to a critical data breach.

As remote and hybrid work drive the use of browser-based work platforms, IT security teams must race to patch zero-day vulnerabilities and protect sensitive data stored in self-hosted and SaaS-based applications.

Traditional approaches to mitigating browser-related security issues are mostly focused on signature technology for data files and executables as well as lists of known good/bad URLs and DNS addresses. While effective in & of themselves, the drawbacks to these methods lie in keeping up-to-date with known attacks and their inherent vulnerability to zero-day attacks.


One of the most effective ways to get around these issues is the concept of “browser isolation”, which creates a “gap” between a user’s web browser and the endpoint device, thereby protecting the device (and the enterprise network) from exploitation and attacks. This is a zero-trust approach compared to secure web gateways, antivirus software, or firewalls, which rely on known threat patterns or signatures.

What are the different kinds of browser isolation? 

There are two primary browser isolation architectures: 

(1) local browser isolation, which attempts to isolate a browser running on a local endpoint using app-level or OS-level sandboxing, and (2) remote browser isolation (RBI), which protects the endpoint by moving the browser to a remote service in the cloud or to a separate on-premises server within the network.

RBI solutions carry significant advantages compared to local isolation tools in terms of enabling IT control. However, up until now they have come with a catch: the need to choose between performance and security.

By relying on “pixel pushing” solutions to provide users a visual proxy of the remote browser, the IT admin gains security but loses performance due to latency and heavy bandwidth usage. Conversely, “code scrubbing” techniques that unpack, inspect, and repack the webpage for better performance often lead to broken websites and undetected threats that can compromise users.

Cloudflare Browser Isolation: security and performance in one solution   

CloudMile partner and market-leading web security firm Cloudflare is dedicated to offering browser isolation solutions that provide security without sacrificing performance.

Cloudflare Browser Isolation executes all website code (including HTML) in a remote browser hosted on the company’s own edge. Since page content remains on the remote browser and draw instructions are only sent to the browser, Cloudflare Browser Isolation can effectively protect sensitive data on any website or SaaS application.

This, combined with Cloudflare’s novel Network Vector Rendering technique, ensures that web pages are safely and consistently rendered even as web technologies evolve and become more complex.

Additionally, admins can now perform actions such as building rules that prevent workers from copying information from their company’s CRM or printing data from an ERP, without blocking their attempts to print from external websites where printing does not present a data loss risk. Websites look and behave normally to the user until they perform a restricted action.

Powered by the engine driving Google Chrome, Microsoft Edge

Cloudflare Browser Isolation is built on top of open-source codebase Chromium, the same engine that powers Google Chrome, Microsoft Edge, and multiple other top browsers. This means the significant ongoing investment in the engine ensures the highest levels of website support, compatibility, and continuous upgrades. 

Powered by Chromium and the company’s own edge, Cloudflare Browser Isolation uses a novel approach to ensure the data security of CloudMile customers as they build their reliance on connectivity and browser-based applications for remote or hybrid work.  

Click here to learn more about how CloudMile x Cloudflare helped one of the biggest Taiwanese cooking platform to focus resources on business development

Subscribe to Our Newsletters

Grow Your Competitive Edge With Our Insights.