HP Sure Click User Manual

HP Sure Click

Security through Isolation in the Era of the Home Office

According to Symantec, 1 in 13 web requests lead to malware1 by tricking the user into downloading and opening malicious documents. Over 90% of non-browser-based attacks occur from opening files from e-mail attachments, with Microsoft Word documents accounting for over 67% of all malware attacks2. While attacks through the browser remain a threat, a huge attack surface stretched thin by the need to support legacy applications and application frameworks (i.e., JavaScript, Flash, and Java), recent security-focused advances to modern browsers have caused attackers to shift their focus to document-based attacks.

Table of Contents
The Primary Attack Surface has Changed ........................................................................................................................................	2
The Challenge.......................................................................................................................................................................................	2
The Legacy Approach is not Up to the Task .....................................................................................................................................	3
A Crisis in Patching ...............................................................................................................................................................................	3
A New Approach is Urgently Needed.................................................................................................................................................	3
Security via Application Isolation .......................................................................................................................................................	3
Separating the Trusted from the Untrusted ....................................................................................................................................	4
Application Isolation in Micro-Virtual Machines ...............................................................................................................................	4
Stops Initial Infection and Self-Remediates.....................................................................................................................................	4
Prevents Infection Spread ..................................................................................................................................................................	5
Lowers Costs of Investigation and Remediation .............................................................................................................................	5
The Solution..........................................................................................................................................................................................	5
About HP ...............................................................................................................................................................................................	6

Because more people are working from home today, they are inadvertently using unprotected home networks and accessing increasingly complex applications from vulnerable endpoints. Whereas enterprise networks frequently employ products to shield endpoints from attacks, over 80% of home office routers

4AA7-4555ENW, August 2020

have been found to be vulnerable to potential cyberattacks3. This increases security risks for organizations, as compromised endpoints could leak sensitive data, or even carry malware into the corporate network the next time users connect physically or via VPN. Fortunately, there’s a way out.

HP Sure Click3, 4 secures commonly used document types (Microsoft Word and PDF) while delivering a safe and private ChromiumTM-based secure browser. HP Sure Click was originally developed through a collaboration between HP and Bromium, the pioneers of application isolation using micro-virtualization technology.

This revolutionary approach uses CPU features in HP machines to automatically isolate each supported application5 type and each secure browser tab in a micro-virtual machine (micro-VM), protecting the endpoint from malware—even from unknown zero-day attacks that traditional, signature-based antivirus protection applications might miss. This granular, task-by-task isolation protects users as they work and play, delivering unparalleled security and privacy within a fast, familiar, and responsive user experience.

With HP Sure Click, the endpoint device is able to shrug off browser-borne attacks—malware is blocked from accessing documents, enterprise intranets, even other websites, and is automatically erased when the tab is closed, thereby eliminating costly remediation and downtime.

The Primary Attack Surface has Changed

The rapid adoption of cloud and software as a service had fueled dramatic changes in end-user computing. Internet-originated “drive-by” attacks, “man-in-the-browser”, “cross-site scripting”, and other webdelivered threats had become the dominant attack vectors. In response, modern browsers have been redesigned with security as a primary focus. As browser vulnerabilities have become increasingly expensive, attacks were shifted from browsers to documents, especially those delivered by e-mail, webmail, or downloaded from risky websites. Most web-based attacks are now focused on tricking the user into downloading malware-infested documents.

The Challenge

IT security teams face a daunting series of challenges in securing their networks against modern malware intrusions, including advanced persistent threats (APTs), advanced targeted attacks (ATAs), polymorphic malware, and file-less intrusions. Private, corporate, and public sector networks and infrastructures can become prime targets for attacks led by organized criminals, political agitators, and other hackers eager for access to critical content.

4AA7-4555ENW, August 2020

2