Artificial Intelligence 

Productivity accelerator. Innovation catalyst. Creative collaborator. Whatever your vision for AI, Unisys provides the solutions, expertise and tools to realize the full business potential of your organization.
Explore

Logistics Optimization

Keep cargo moving — despite disruptions. Discover how patent-pending AI models using real-time data can save time and boost revenue by improving capacity utilization, route planning and inventory management.
Explore

Consulting

The nature of work is changing. Let's evolve your business together. Future-proof your organization with consulting services from Unisys and advance as a digital-first entity.
Explore

Industries

Your industry sets you apart. You see the road ahead clearly. Let's join forces and turn that vision into reality. Unisys brings the tech know-how to complement your deep expertise.
Explore

Client Stories

Explore videos and stories where Unisys has helped businesses and governments improve the lives of their customers and citizens.
Explore

Research

Embark on a journey toward a resilient future with access to Unisys' comprehensive research, developed in collaboration with top industry analysts and research firms.
Explore

Resource Center

Find, share and explore assets in support of your key operational objectives.
Explore

Careers

Curiosity, creativity, and a constant desire to improve. Our associates shape tomorrow by going beyond expertise to bring solutions to life.
Explore

Investor Relations

We're a global technology solutions company that's dedicated to driving progress for the world's leading organizations.
Explore

Partners

We collaborate with an ecosystem of partners to provide our clients with cutting-edge products and services in many of the largest industries in the world.
Explore

Language Selection

Your selected language is currently:

English
8 Min Read

Why Dynamic Isolation Is Superior to Quarantine

January 16, 2020 / Salvatore Sinno

Cybercrime has rung up $2 trillion in losses. It will cost businesses an estimated $5.2 trillion worldwide within five years. The average cost of a breach is nearly $4 million. Even more alarming, the University of Maryland says a cyberattack takes place every 39 seconds.

So, it doesn’t require a mental leap to imagine that one of your machines is infected. In fact, that’s probably the reality within your enterprise network at this very moment.

How do you contain the threat – quickly – before it spreads and does major damage?

The answer is by isolating it.

But there are different approaches to isolation, and some are clearly superior to others.

You Can’t Trust Compromised Machines to Address Cybersecurity

Traditionally organizations have attempted to contain threats by relying on software on the infected endpoint itself. But cybersecurity professionals who employ legacy endpoint detection and response (EDR) solutions should examine the rationale behind this approach. That should include considering whether they can trust anything on an endpoint that is already infected.

The answer is clearly no. That’s because it may take a while to realize that a machine has been compromised. The Ponemon Institute says the mean time to detect a breach is 197 days.

By the time you realize a machine is compromised, you can’t trust the applications on it.

That’s the Achilles’ heel of legacy quarantine solutions. And it’s not the only one.

Traditional Technology Doesn’t Look Around – or Look Ahead

We live in a connected world, and many connected devices are attached to enterprise networks. Gartner estimates that 5.8 billion enterprise and automotive IoT endpoints will be in use in 2020. That’s a 21% increase from 2019.

Connected machines can quickly spread an infection on one machine to many other enterprise devices. Cybersecurity team members need to prevent that from happening.

But traditional EDR systems were not designed to think forward. They don’t consider how security events can impact the rest of the ecosystem. In enterprise IT environments in which multiple machines are interconnected, this approach simply does not work.

In Bricking Devices, Quarantine Also Blocks Business

Quarantine, a traditional cybersecurity approach, treats infected devices by “bricking” them, making them useless. When that happens, the applications (and people) that use the bricked devices are locked out. They cannot perform the tasks they typically do on those devices, and business operations stop.

Using a traditional quarantine solution can be extremely costly for businesses and inconvenient for their customers.

Imagine the device is a server in a distribution center that dispatches 800 packages per minute. If you brick this device, you lose the capability to support 800 customers every minute. Plus, you may lose your ability to meet your customer service level agreements.

What if the bricked device were a payment processing system? If you traditionally quarantined that, your customers couldn’t buy your products and services.

Your business loses money every minute a machine is down and cannot be used.

Unisys Stealth® Dynamic Isolation™ Is Different – It Keeps Business Working

Organizations that employ Stealth™ Dynamic Isolation don’t experience such losses due to traditionally quarantined devices. They don’t have to trust compromised devices or leave the ecosystem’s cybersecurity to chance, either.

Stealth™ Dynamic Isolation enables endpoints to continue working even when they’re in safe mode. That’s very different than quarantine, which completely takes down compromised and vulnerable endpoints.

The dynamic isolation feature of Unisys Stealth® isolates only the port or protocol exhibiting anomalous behavior. It allows operations and security incident response teams to access the endpoint and use their current processes and technologies to remediate the incident remotely. It acts as a protective suit, leaving the rest of the business and systems functioning.

As a result, businesses can continue accepting sales transactions, dispatching packages and doing other important work. Business associates don’t sit idle while they wait for service to be restored to their endpoints. And businesses can continue generating revenue, meeting their business goals and serving customers.

This Stealth™ Feature Acts Fast and Looks Forward

Stealth™ Dynamic Isolation works fast to isolate the threat and prevent further contamination. It protects both the device that is compromised and the machines around it.

That can prevent a single breached machine from evolving into a major cybersecurity incident. Because once malware like ransomware is inside your enterprise, you’re in a race against the clock. Your cybersecurity solution has to move faster than the malware.

Stealth™ Dynamic Isolation – which applies security policies to devices quickly and automatically – can do that. This Unisys solution moves machines to a new community of interest in less than 30 seconds. That isolates them from the compromised endpoint, reduces your attack surface and keeps your business running.

And It Works Just as Quickly to Restore the Machine to Its Original State

Stealth™ Dynamic Isolation also restores machines to their original status once the threat is removed. This Unisys solution does that quickly and easily, too – and it’s entirely automatic.

In fact, it returns systems to their original state at the same speed that it isolates them.

Stealth™ Dynamic Isolation Is the Best Way to Contain Endpoint Infections

Today’s cybersecurity landscape calls for solutions that act fast to prevent compromised machines from expanding the attack surface. Stealth™ Dynamic Isolation is such a solution.

And it’s unique in the marketplace.

Stealth™ Dynamic Isolation protects the device that is infected. It shields from harm the devices around it that are not yet compromised.

It allows machines to continue operating while the cause of the threat is identified and remediated. It returns the machines to their original status as soon as threats are eliminated.

And Stealth™ Dynamic Isolation keeps systems, people and businesses working all the while.