Beep boop - this is a robot. A new show has been posted to TWiT…
What are your thoughts about today’s show? We’d love to hear from you!
The discussion on “Zero Trust Browsing” by Cloudflare is really interesting, I punted the idea of airgapped browsing (and email access) from the corporate desktop after FOCUS 13. I actually brought the idea up to some contacts at Avecto at the time because I’d earmarked their product for managing admin rights and thought the same approach could work (in their case to limit/change the account being used to surf the Internet (and read mail) to be airgapped from the corporate account being used on the machine.
The assumption is that the device will become compromised at some point so either limiting any malware from leveraging the logged-in credentials of the user to access data and other resources as well as limiting the malware to being sandboxed or wiped and unable to spread.
I still think there is space to pursue this as properly airgapping the browser is expensive and not everyone could use it. Sandboxie did this to an extent and it really could be an advantage to build this into platforms too.
The distance between cost, convenience, UX and security has to be narrowed, especially for email and for browser usage.