Home / Use cases / File Isolation: Cloud-based

File Isolation: Cloud-based

SquareX’s cloud-based file isolation creates a secure environment for safely viewing files. With support for all popular file formats, enterprises can seamlessly build policy and apply isolation to any file type. Combining this with properties such as origin of the file, scan result, presence of macro etc, allows enterprises to protect users in their day to day workflow without hampering job functions and business operations.

Isolate file downloads from Social Networking Sites

Social networking sites have alarmingly low malicious file detection capabilities. Since these are generally popular domains with high foot traffic, enterprises tend to allow access to them. However, these sites are frequently used to distribute malicious files. Isolating downloads from these platforms protects users from inadvertently downloading harmful content. To do this, admins can utilise the AI policy generator with the prompt ‘Isolate File downloads from Social Networking Sites’. The outcome of the policy would be:

Isolate file downloads from any website that is not a popular domain

Less widely recognized or unpopular domains typically have lower domain authority for several reasons: they may have lower search volumes and site visits, operate as internal websites, be newly created, or deliberately block crawlers from indexing. Files from these sites (apart from internal apps) are less trustworthy as they could harbour undetected malicious content. This poses a risk in spear phishing campaigns where links may be sent privately to employees. Isolating downloads from these less credible sites is crucial to protecting employees from potential threats. Isolating downloads from these less credible sites helps protect employees from potential threats. Admins can prompt 'Isolate file downloads from any website that is not a popular domain' using the policy generator (SquareX considers top 50k domains from the tranco list as popular domains). The expected outcome would be:

Create context-specific policies pertaining to personal and professional workflows

With remote and hybrid work environments where the boundaries between professional and personal internet usage on work devices are increasingly blurred, majority of employees use their office-issued devices for personal tasks such as emailing, online shopping, and social media browsing. Traditionally, enterprise security systems have been designed to protect professional workflows. On the same device, an attacker could break through a user’s personal online activity that enterprises might not/cannot monitor. A perfect example is email security solutions might scan attachments in your company email account but cannot do on your employee's Gmail account. Attackers can figure out a high value employee's personal Gmail account and try to use that as an attack vector -- making it completely invisible to enterprise security. This is where SquareX can help - admins can now create context-specific policies pertaining to personal and professional workflows. As an example, we can create a policy to isolate all file downloads on websites where the user is not logged into via his business identity. This ensures that an attacker does not enter the user's device through personal channels.