HP Sure Click User Manual

4AA7-4555ENW, August 2020

According to Symantec, 1 in 13 web requests lead to malware1 by tricking the user into
downloading and opening malicious documents. Over 90% of non-browser-based attacks
occur from opening files from e-mail attachments, with Microsoft Word documents
accounting for over 67% of all malware attacks2. While attacks through the browser remain a
threat, a huge attack surface stretched thin by the need to support legacy applications and
application frameworks (i.e., JavaScript, Flash, and Java), recent security-focused advances
to modern browsers have caused attackers to shift their focus to document-based attacks.

Table of Contents

The Primary Attack Surface has Changed ........................................................................................................................................ 2

The Challenge ....................................................................................................................................................................................... 2

The Legacy Approach is not Up to the Task ..................................................................................................................................... 3

A Crisis in Patching ............................................................................................................................................................................... 3

A New Approach is Urgently Needed ................................................................................................................................................. 3

Security via Application Isolation ....................................................................................................................................................... 3

Separating the Trusted from the Untrusted .................................................................................................................................... 4

Application Isolation in Micro-Virtual Machines ............................................................................................................................... 4

Stops Initial Infection and Self-Remediates ..................................................................................................................................... 4

Prevents Infection Spread .................................................................................................................................................................. 5

Lowers Costs of Investigation and Remediation ............................................................................................................................. 5

The Solution .......................................................................................................................................................................................... 5

About HP ............................................................................................................................................................................................... 6

Because more people are working from home today, they are inadvertently using unprotected home
networks and accessing increasingly complex applications from vulnerable endpoints. Whereas enterprise
networks frequently employ products to shield endpoints from attacks, over 80% of home office routers

HP Sure Click

Security through Isolation in the Era of the Home Office

4AA7-4555ENW, August 2020

2

have been found to be vulnerable to potential cyberattacks3. This increases security risks for organizations,
as compromised endpoints could leak sensitive data, or even carry malware into the corporate network the
next time users connect physically or via VPN. Fortunately, there’s a way out.

HP Sure Click

3, 4

secures commonly used document types (Microsoft Word and PDF) while delivering a safe
and private ChromiumTM-based secure browser. HP Sure Click was originally developed through a
collaboration between HP and Bromium, the pioneers of application isolation using micro-virtualization
technology.

This revolutionary approach uses CPU features in HP machines to automatically isolate each supported
application5 type and each secure browser tab in a micro-virtual machine (micro-VM), protecting the
endpoint from malware—even from unknown zero-day attacks that traditional, signature-based antivirus
protection applications might miss. This granular, task-by-task isolation protects users as they work and
play, delivering unparalleled security and privacy within a fast, familiar, and responsive user experience.

With HP Sure Click, the endpoint device is able to shrug off browser-borne attacks—malware is blocked
from accessing documents, enterprise intranets, even other websites, and is automatically erased when the
tab is closed, thereby eliminating costly remediation and downtime.

The Primary Attack Surface has Changed

The rapid adoption of cloud and software as a service had fueled dramatic changes in end-user computing.
Internet-originated “drive-by” attacks, “man-in-the-browser”, “cross-site scripting”, and other web­delivered threats had become the dominant attack vectors. In response, modern browsers have been
redesigned with security as a primary focus. As browser vulnerabilities have become increasingly expensive,
attacks were shifted from browsers to documents, especially those delivered by e-mail, webmail, or
downloaded from risky websites. Most web-based attacks are now focused on tricking the user into
downloading malware-infested documents.

The Challenge

IT security teams face a daunting series of challenges in securing their networks against modern malware
intrusions, including advanced persistent threats (APTs), advanced targeted attacks (ATAs), polymorphic
malware, and file-less intrusions. Private, corporate, and public sector networks and infrastructures can
become prime targets for attacks led by organized criminals, political agitators, and other hackers eager for
access to critical content.