Experience the ultimate flexibility with the Isolation API, allowing you to securely Quisque pellentesque id ultrices lacus ornare elit vitae ullamcorper. Learn More

home-icon

To minimize risk of exposure, financial firm’s corporate security has routinely blocked analysts’ access to certain categories of sites. These restrictions, however, hindered the investment professionals’ research efforts, and the process of requesting access proved unnecessarily cumbersome and time-consuming. With Silo, the firm has implemented a company-wide solution that enables secure web access to all its employees and affiliates – without compromising security. 

How a security-first approach protected billions in client assets

To deliver innovative, diverse and scalable investment solutions, the firm operates through a network of affiliates, each serving its own set of private and institutional clients. As a financial services company, the firm prefers to take a conservative, risk-averse approach, especially when it comes to accessing sites that could expose investment analysts to malware, clickjacking or cross-site scripting (XSS) attacks. To protect against redirects to compromised sites and other potential threats, the firm relies on Silo for risky or uncategorized web link protection and browser isolation.
 
The task of ensuring company-wide compliance with security and regulatory requirements falls on the corporate Information Systems Security (ISS) group. When a new ISS officer joined the team in 2021, he immediately noticed that the firm’s process of blocking whole categories of sites didn’t meet the needs of all their affiliates. “Typically, we block sites that we don’t want our employees to access while at work, such as gambling or gaming platforms,” explains the security officer. “But what happens if one of our affiliates is looking to invest in one of these companies? They need to go to the gambling website to do their due diligence – review the company’s financials, download annual reports, etc., and it becomes both frustrating and burdensome for the analyst when they can’t use their browser to look up the information they need to do their job.”
 
The process of circumventing the blockade required the analyst to open a support ticket, which often took several days to resolve. A security team employee would have to review each requested site individually and manually add it to the “allowed” list. “My predecessor even considered hiring a dedicated support engineer to deal with these exception requests,” continues the security officer. “It was a real cost to the business and a pain for anyone who had to put their research on hold to wait for us to resolve support tickets.” 

SHARE ON:
Shadow of tall buildings with text that has industry, use case, organization, and Authentic8 product

 

“Continue securely in Silo”

The security team needed a solution for keeping their employees and data secure without impeding productivity or creating unnecessarily strict policies and governance procedures. They also recognized that even the strictest list of “banned” sites and ongoing employee education efforts could not fully protect the company from accidental exposure – a user clicking on a seemingly innocuous ad or being redirected to a compromised site could open the door to malware attacks. “We didn’t want to end up in the news because of a data breach or another cyber-related compromise,” explains the security officer. “We needed to look at the problem differently – how we could give our employees their freedom while ensuring that the business wasn’t exposing itself to threats.”
 
The Silo engineering team worked with the firm’s security leadership to create a solution that would help eliminate web-borne risks across the enterprise. Users responded favorably to the new setup – Silo provided a familiar browsing experience without the need to contact support every time they came across a restricted site. With single sign on (SSO) and automatic redirects to an isolated environment, Silo proved to be easy to use and scalable across the firm’s many affiliate locations. 
 
When a user encounters a blocked page, a message on the screen offers them to “Continue securely to Silo”. Once the user chooses this option, a Prisma Access security service edge (SSE) platform seamlessly redirects them to a new isolated tab within their browser, where they can view a blocked site instantly, without having to create a support ticket. 

 

“Typically, we block sites that we don’t want our employees to access while at work, such as gambling or gaming platforms, but what happens if one of our affiliates is looking to invest in one of these companies?"

-

Silo’s comprehensive security controls also help manage file downloads and other user actions. Prior to downloading, each file is scanned using Silo’s anti-malware tools, followed by additional inspection by the firm’s Endpoint Detection and Response (EDR) security solutions. The firm also takes full advantage of Silo’s Data Loss Prevention (DLP) capabilities: to keep sensitive data from being inadvertently (or intentionally) leaked. The firm’s security team chose to disallow any content copy and paste into websites that are accessed through Silo. “We are very sensitive to the risk of data exfiltration – such as bulk uploads of customer account information onto potentially malicious sites through either user error or bad intent – and we use Silo to put in place security controls to prevent this from happening,” explains the security officer. 

Another important security policy prevents the firm’s employees from downloading and accessing data from file sharing sites, such as a Dropbox or Google Drive. Prior to implementing Silo, users who needed access to these files had to request assistance from the support team to download and scan content for them. Today, file sharing site access is handled through Silo, and users are free to download content directly from these sources – with safety and compliance assured by Silo for Safe Access.

The implementation of Silo’s Secure Browsing has not only secured the vulnerable data of the firm, but has lessened the workflow burdens for all employees, including security.

“We didn’t want to end up in the news because of a data breach or another cyber-related compromise"

-

Related Success Stories

success-story
success story

Top-ten financial institution identifies threats and fraud

Top-ten financial institution identifies threats and fraud A top-ten financial institution relies on Silo for Research for their cyberthreat intelligence, financial fraud and anti-money laundering investigations. By adopting the solution, the firm was able to have a secure, anonymous browsing…

Read more
success-story
success story

Enabling remote work for discriminating professionals

Enabling remote work for discriminating professionals Inspired by the COVID-19 pandemic, organizations within the DoD turned social distancing and telework directives into the opportunity to expedite progress on their digital transformation initiatives. While others were seeking a short-term…

Read more
footer cta Image

Get Started

Want to learn more about the Silo Web Isolation Platform? Have a general inquiry about Authentic8? We’d love to chat! Click one of the buttons below to get in touch with our representatives.
REQUEST A DEMO CONTACT US
Close
Close