HP Sure Click Secure Browsing for the Era of the Mobile Worker
HP Sure Click | Whitepaper 
L52623-001, November 2018 
© Copyright 2018 HP Development Company, L.P. 
alternatively, can safely execute on actual physical resources. The user, however, should never see any difference in application appearance, behavior, 
or workflow. 
Application isolation in micro-Virtual Machines 
The power of application isolation is simple and straightforward—to remove the opportunity 
for an unknown threat to cause harm—but the execution is quite difficult. That’s why HP has 
worked with Bromium to leverage their unique, patented approach to micro-virtualization at 
the hardware level, protecting the host PC from below the Windows operating system kernel, 
dramatically reducing the attack surface. Untrusted application content stays safely 
protected within each micro-VM. Bromium’s one-of-a-kind approach provides protection-by-
design against zero-day threats based on exploits in applications, browsers, and the kernel, a 
trifecta that traditional and next-generation defensive solutions can’t come close to 
matching. 
On HP Sure Click–protected endpoints, common Office documents in read-only mode, such as Word, Excel, and PowerPoint, in addition to Adobe PDF 
files, are application-isolated from each other and from the host PC—right down at the hardware level. They reside inside safe, disposable micro-VMs, 
so users can smoothly conduct their business without workflow disruptions, knowing that their systems are secure. 
Stops initial infection and self-remediates 
HP Sure Click protects against the dangerous patient-zero infection within the enterprise: the initial compromised endpoint from which attackers seek 
to gain a foothold in the organization so they can conduct reconnaissance for lateral movement and privilege escalation. 
In addition to preventing malware infections at the endpoint, HP Sure Click endpoints self-remediate when the user closes the application window or 
browser tab, preventing costly and time-consuming manual remediation. Malware simply disappears forever when the micro-VM is closed, never 
impacting the host PC or taking root within the organization. 
Prevents infection spread 
When malware runs on an isolated micro-VM on an HP Sure Click–protected endpoint, it executes as intended inside the safe, disposable container, 
with no way to escape into the host PC or other network devices. Not only is the initial target PC protected, so are all other network-connected devices 
that interact with the targeted host. Malicious code has nowhere to go and can’t reach any sensitive data or processes on the host, the network, or 
other connected devices. Malware can’t access the intranet or file shares, preventing lateral movement and expansion. 
Lowers costs of investigation and remediation 
Ponemon Institute research shows that organizations receive almost 17,000 weekly malware alerts, but only 19 percent are deemed to be reliable, 
and only 4 percent are investigated.[7] Making matters worse, two-thirds of the time spent by security staff responding to malware alerts is wasted 
because of faulty or incomplete intelligence. Detection is clearly broken—it’s costly, time consuming, ineffective, and faulty in its premise and its 
execution. There is a better way. 
With HP Sure Click, investigation and remediation are vastly streamlined and reduced. Since HP Sure Click protects endpoints automatically and self-
remediates every time users close the micro-VMs containing malicious documents or web pages, the organization’s actual remediation efforts can be 
reduced to the remaining endpoints not protected by HP Sure Click and other attack vectors. 
[5] Symantec, Internet Security Threat Report Volume 23, 2018 
[6] Verizon, 2017 Data Breach Report, 2017 
[7] Ponemon Institute, 2015 Cost of Malware Containment; page 1 
MALICIOUS ATTACHMENTS ARE PERVASIVE 
The average user receives 16 malevolent emails per month.[5] 
66% of malware was installed via malicious email attachments.[6] 