Reinventing Professionals: What are the benefits of a virtual browser system?
Ari Kaplan talks to Scott Petry, the co-founder and CEO of Authentic8, about potential solutions to law firm security struggles. Authentic8 is the creator of Silo, a secure virtual browser.
This Q&A has been condensed.
Ari Kaplan: Tell us about your background and the genesis of Authentic8.
Scott Petry: In 1999, I started Postini, which used a novel approach to filtering and securing email. In 2007, we were approached by Google to start integrating our technology with their enterprise products, and they decided to acquire us. I spent three years at Google and worked on some really interesting projects, but when I was thinking about what I wanted to do next, I saw some similar trends in the browser space that were in email seven or eight years prior. Specifically, open internet standards were creating vulnerabilities inside of organizations. So, we started looking at the browser and how we might use some novel technologies to secure and manage it to develop a more reliable asset for business.
Ari Kaplan: What are the security issues associated with a typical browser?
Scott Petry: The original technology stack was invented as a way for academic institutions to freely share information across their research networks, and that basically meant connecting through remote servers accessing text-based documents. It became a standard in that community and made its way into the commercial markets. Later, the standards were extended to support richer forms of content or executable code. What we see today is that the browsers are still using those same protocols connecting to remote hosts, downloading arbitrary blobs of third-party code, and executing it in a local environment. Most of the time it’s good, with pages that flow, render, and deliver all kinds of content. It can also be malicious content that might start to encrypt files or redirect users to malicious sites by tailgating on the normal web code and using standard protocols to get inside of an organization beyond most normal security technologies.
Ari Kaplan: How does Silo work?
Scott Petry: We browse the internet but use our computer instead of yours. When the user starts the session, we build a fresh virtual browser on our servers that keeps 100 percent of the code out in our environment away from the user’s device and network. All of the web code—whether it’s a movie, graphics, or script-based content—executes in our environment. Our servers then turn that web native experience that the remote browsers view into a set of display data, which we encrypt and deliver over a secure channel down to the user. You can think about it as kind of interactive movie of a website while the actual execution of the code stays on our servers.
Ari Kaplan: What are the benefits of a virtual browser system?
Scott Petry: Customers outsource their surface area to us instead of exposing your network, your identity, and your device to third party code that’s floating around on the internet. It stays in a secure container that executes in our environment. We go to great lengths to make sure that content is rendered completely and securely, and that the user can still interact with this remote display. We have also focused on certain policy controls that allow the administrator to determine what exactly a user can or cannot do with the browser.
Ari Kaplan: How does this technology specifically benefit the legal industry?
Scott Petry: The legal community was an early adopter of Postini technology. It was our first really successful foothold into the enterprise market, and it has responded well to the premise of a virtual browser. IT inside of law firms is under significant pressure to increase its information security controls. Their financial clients,or those that might have intellectual property that resides with the legal team, are auditing law firms. Those customers are starting to require vendors to abide by the same security mechanisms. And if they don’t, they will not use them as a vendor anymore. Firms are, therefore, subject to increased audits and oversight by their clients. Employees, however, want free and open access to the internet. With Silo, IT is able to meet the needs of both groups. It can lock down the local browser so that users can’t do anything erroneous or inappropriate. They can also provision access to things like social media or webmail because Silo acts like a disposable remote browser that allows them to get access to those personal sites without jeopardizing the firm’s environment.
Listen to the complete interview at Reinventing Professionals.
Ari Kaplan regularly interviews leaders in the legal industry and in the broader professional services community to share perspective, highlight transformative change and introduce new technology.