"Even getting onto the Internet at a hotel or café is risky -- captive portals are renowned for delivering malware to endpoints," said Crosby. "Bromium vSentry v2.0 protects mobile devices when they interact with untrusted networks, USB devices, and other external content. Every task that interacts with an untrusted network is hardware isolated by the microvisor, guaranteeing that malware cannot attack the system. Moreover, when users access enterprise applications from an untrusted network, the enterprise can be sure that those tasks are also independently hardware isolated. They are instantly created from the known-good golden OS image, are securely connected to the enterprise VPN or to a SaaS application using an SSL connection, and therefore the enterprise can be sure that the remote user's access is secure."
Even if malware is present, it won't affect the host itself -- it accesses only the micro-VM, which will get tossed out anyway once the window or thread is closed.
The safe collaboration aspect of vSentry is important. At the end of the day, in order for vSentry to pass the sniff test with end-users, everything in the user's environment must work like "normal."
On a day-to-day basis, employees need to be able to safely interact with content that originates from within or comes from outside the organization. They may require access to content deemed "untrustworthy" that comes from removable media, the Web, email, or social applications. At the same time, users need to collaborate and easily exchange documents with one another.
According to Crosby, when they do so, they need to access content from others whose provenance is ultimately unknown. Is the email actually from your business partner, or is it a fake? Has an attacker put malware into files in the Dropbox folder you're currently accessing? It's ultimately unknown. Absent an ability to decide whether any piece of content is good or bad, Microsoft (and Apple) leaves the choice to the user, requiring the user to decide whether or not to trust a document before interacting with it.
"Our latest release provides the protection needed when users are exchanging documents with one another," said Crosby. "Until now, products have placed the burden of decision making on the end-user as to whether or not something is secure and if it should be opened. As an example, if a user receives a Word document that is compromised in some way, and the system alerts the user that the document could potentially be unsafe, how many people will click OK and move on in spite of the warning? Probably quite a few, and now, the organization could be at risk."
vSentry 2.0 helps address this problem by granting users the ability to access and edit content without ever having to trust it. Because that content is always opened in a micro-VM, users can be productive without the risk.