Can sandboxing save us from hackers?

sand sculpted into box shape

Wednesday, 11 September, 2019

Sandboxing may seem an odd word to use when talking about broadband, but it’s one of the best ways to protect people and networks online.

Having been used business for years, it’s hitherto been rare in consumer anti-virus software. Yet it’s now appearing in mainstream products. In fact, you may already have it.

Microsoft have included a sandbox function in their Windows Defender anti-virus software since late 2018, though the user has to know what they’re doing to enable it.

So what is sandboxing? And who needs it?

Stopping risky files

When IT people speak of sandboxing a file, they mean they’ve isolated the file in a secure environment.

This keeps it away from external influence and interaction. If the sandboxed file is dangerous, any damage it causes cannot reach or harm the network.

Developers and engineers use this method to test software and solve network problems. They monitor each file and its actions, free from external influences and effects.

Security experts isolate files in a similar way, to see what a suspicious item would do if left to its own devices.

But sandboxing goes further in business security software, where it spots and isolates threats before they have a chance to reach the network.

If a file is identified as suspicious, it is sandboxed at once. Then it is examined, deleted or manually approved according to system settings.

When this happens in the cloud, details of new threats can be shared quickly and used to update anti-virus software, keeping us all safe from harm.

This approach works quickly and efficiently, but it may slow down networks and processes.

This, along with cost and implementation, meant it was only justified at enterprise level until recently. Today, it’s being added to some mainstream products as a matter of routine.

Who needs a sandbox?

Windows Defender has had a sandbox function since October 2018, and there are rumours that extensions to Chrome and Firefox may become available.

Sandboxing can slow things down, but it offers huge benefits to consumers.

The number of new malware and virus threats appearing each year runs into the millions; the dangers of malware are increasing; and cyber-crime threatens everyone online.

What’s more, criminals know protective software usually has the greatest access to any network. They know if they breach security software, the entire network is open.

By stopping and isolating such threats in real time, sandboxing escalates the protection that anti-virus packages provide.

It also shows potential for use with AI and machine learning, to create even better online protection in the future.

In practical terms that means less risk of identity theft, ransomware and viruses.

Police statistics from January 2019 show that almost £200,000 is lost by victims of cyber-crime every single day in the UK.

And anything that comes between them and the criminals has to be welcomed…

Neil Cumins author picture


Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!