You can now use isolation profiles in Remote Browser Isolation (RBI) to specify the types of files users can upload or download, enabling more granular control over data transfers during isolated browsing sessions. Previously, you can only allow or block all downloads or all uploads during isolation, regardless of file type. The new capability helps to enhance the security posture by reducing the attack surface and preventing various types of cybersecurity threats. It also helps in data exfiltration by controlling which categories of file types a user is able to upload.

You can configure allowed file types in isolation profiles using predefined categories like Documents, Multimedia, Archives, Executables/Applications, and Source Code. You can also specify up to five custom file extensions. When a user attempts to download or upload a file during isolation, the RBI service checks if the file type is allowed based on the configured profile. This prevents users from transferring unauthorized file types, reducing the risk of data exfiltration or malware introduction.

Key use cases include permitting users to download only document files, blocking downloads of executable files, or permitting transfers of only specific approved file types. The granular controls enable you to balance security and usability by tailoring allowed file types to your organization's needs. Configuring file type filtering enhances your data loss prevention capabilities and provides an additional layer of protection against potential threats introduced through file transfers.