Extending Chrome’s Security to Google Workspace and Cloud
Product Manager, Chrome Enterprise
Staff Software Engineer, Chrome Browser
Extending Chrome’s Security Insights to Google Workspace and Google Cloud
Today, we announced the Chrome Enterprise Connectors Framework, a better way for businesses to easily integrate Chrome browser with popular security platforms such as Splunk, Palo Alto Networks, and CrowdStrike. We’re also excited to extend support for Google Workspace and other Cloud products, including Google Cloud Pub/Sub, Chronicle, BeyondCorp Enterprise, and Chrome Browser Cloud Management, to help IT teams gain useful insights about potential security threats and events from Chrome. This will help protect users when they:
- Navigate to a known malicious site.
- Download or upload files containing known malware.
- Reuse corporate passwords on non-approved sites.
- Change corporate passwords after reusing them on non-approved sites.
This comes at no additional cost for enterprises already using these Google products. Let’s look at how you can connect these integrations.
Getting Started is Simple
All of these integrations are set and configured through Chrome Browser Cloud Management, accessible through the Google Admin console. If you don’t have an account already, you can create one by following these steps to enroll and manage many aspects of your users’ browsers. You can learn more about that in our previous post on new ways to secure Chrome.Once in the Admin console, you can configure Security events reporting to view these events directly in the audit log of the console.
As a Google Workspace customer, IT teams already have access to the Google Admin console. From there, organizations can enroll their Chrome browser and get detailed information about their browser deployment. You can also set policies, manage extensions, and more. The Chrome management policies can be set to work alongside any user-based policies that may be in place through Workspace.
Once you’ve enabled Security events reporting (pictured above), you can then view reporting events within audit logs. Premium Google Workspace customers, including those on Enterprise Plus or Education Plus plans, can use the Workspace Security Investigation Tool to identify, triage, and act on potential security threats.
Google Cloud BeyondCorp Enterprise
Google’s Zero Trust access solution, BeyondCorp Enterprise, was the first product to integrate with Chrome as part of businesses' threat and data protection. Last week, we launched BeyondCorp Enterprise Essentials to provide organizations an easier way to begin their Zero Trust journey and offer a consistent security layer to the workforce by providing key threat and data protection capabilities. These features filter and block harmful URLs in real-time, identify phishing sites, stop downloads and transfers of malicious content, prevent the loss of sensitive data, prohibit pasting of protected content, and enforce data protection policies. In addition to these security protections, all of the security events and insights from Chrome, such as malware transfer and unsafe site visits, are available to BeyondCorp Enterprise and BeyondCorp Enterprise Essentials customers.
Sending Security Events to Chronicle and Google Cloud Pub/Sub
In addition to viewing these events in Audit Logs and Security Investigation Tool, you can export these events to other Google products such as Chronicle and Cloud PubSub by navigating to Devices > Chrome > Connectors.
Google Cloud’s cloud-native Chronicle delivers modern threat detection, investigation, and response by unifying all security telemetry and driving insights with threat intelligence. Earlier this year, we launched context-aware detections to provide organizations with the ability to prioritize alerts with additional context and risk-scoring. Now, critical web-based data from Chrome can be viewed alongside other security events, so security teams can use additional context to make better decisions.
Chrome has worked for years to keep your users and corporate data safe. With a variety of integration options provided, IT teams have the flexibility to work with different Google technologies or their own preferred cybersecurity solutions to further secure their environments. Here’s how you can get started with Chrome Browser Cloud Management.
Google Cloud Pub/Sub
Many IT professionals have embraced Pub/Sub to unify their data sources. By integrating with Chrome, security events sent to Pub/Sub can then be fed into security reporting tools or a security intelligence platform of choice.