Protect Against Bad Attachments and Employee Downloads

by | Feb/23/2017

Imagine giving each of your team members a loaner computer every time they need to open a file that they download or receive as an attachment. The loaner computers won’t be connected to your network, so if a file is infected, ransomware and other viruses would not affect your network.

Note: This blog is written for non-technical executives. So, if this sounds too technical, that’s fine, just skip the rest and know your computers can, in theory, be protected even when a user opens a malicious attachment or downloads a malicious file.

The experience would be that, when a user needs to open five PDF documents, you could temporarily give that user five new computers. One computer to use for each opened attachment or downloaded document.

If one of the files contains ransomware, the infection would be isolated to just one of the computers, and would not affect the user’s normal computer, nor your network.

Instead of you needing to buy more computers to loan to your team members, what happens is that a brand new tiny Windows Operating System gets created automatically, for each attached or downloaded file.

A product called Bromium is designed to do this, and Microsoft has something more basic called WDAG. Bromium only sold to companies with 500 or more computers, but will be offering services to smaller companies, and is even shipping free on some laptops soon. Your IT professionals can get a free copy now at Bromium dot com forward slash freebeta to experiment with this micro virtualization.

There was so much to see at the RSA Security convention last week. I’ll be sharing some of the more interesting technologies with you over the next few weeks.

We do not receive any kind of compensation for mentioning products. Nor are we endorsing the products. It just helps for you to hear about these neat technologies.

Please forward this to your friends who are concerned about users opening attachments and downloaded files.