Jump to Content
Chrome Enterprise

Extending Chrome’s Security to Google Workspace and Cloud

May 26, 2022
https://storage.googleapis.com/gweb-cloudblog-publish/images/Blog_header_032x_2.max-2600x2600.png
Kiran Nair

Senior Product Manager, Chrome Enterprise, Google

Kaleigh Rosenblat

Staff Software Engineer, Chrome Browser

Extending Chrome’s Security Insights to Google Workspace and Google Cloud

Today, we announced the Chrome Enterprise Connectors Framework, a better way for businesses to easily integrate Chrome browser with popular security platforms such as Splunk, Palo Alto Networks, and CrowdStrike. We’re also excited to extend support for Google Workspace and other Cloud products, including Google Cloud Pub/Sub, Chronicle, BeyondCorp Enterprise, and Chrome Browser Cloud Management, to help IT teams gain useful insights about potential security threats and events from Chrome. This will help protect users when they: 

  • Navigate to a known malicious site. 
  • Download or upload files containing known malware.
  • Reuse corporate passwords on non-approved sites. 
  • Change corporate passwords after reusing them on non-approved sites.

This comes at no additional cost for enterprises already using these Google products. Let’s look at how you can connect these integrations. 

Getting Started is Simple

All of these integrations are set and configured through Chrome Browser Cloud Management, accessible through the Google Admin console. If you don’t have an account already, you can create one by following these steps to enroll and manage many aspects of your users’ browsers. You can learn more about that in our previous post on new ways to secure Chrome. 

Once in the Admin console, you can configure Security events reporting to view these events directly in the audit log of the console.

https://storage.googleapis.com/gweb-cloudblog-publish/images/1_REW2YPV.max-1500x1500.png

Google Workspace

As a Google Workspace customer, IT teams already have access to the Google Admin console. From there, organizations can enroll their Chrome browser and get detailed information about their browser deployment. You can also set policies, manage extensions, and more. The Chrome management policies can be set to work alongside any user-based policies that may be in place through Workspace. 

Once you’ve enabled Security events reporting (pictured above), you can then view reporting events within audit logs. Premium Google Workspace customers, including those on Enterprise Plus or Education Plus plans, can use the Workspace Security Investigation Tool to identify, triage, and act on potential security threats.

https://storage.googleapis.com/gweb-cloudblog-publish/images/2_ASnkJUW.max-1400x1400.png

Google Cloud BeyondCorp Enterprise

Google’s Zero Trust access solution, BeyondCorp Enterprise, was the first product to integrate with Chrome as part of businesses' threat and data protection. Last week, we launched BeyondCorp Enterprise Essentials to provide organizations an easier way to begin their Zero Trust journey and offer a consistent security layer to the workforce by providing key threat and data protection capabilities. These features filter and block harmful URLs in real-time, identify phishing sites, stop downloads and transfers of malicious content, prevent the loss of sensitive data, prohibit pasting of protected content, and enforce data protection policies. In addition to these security protections, all of the security events and insights from Chrome, such as malware transfer and unsafe site visits, are available to BeyondCorp Enterprise and BeyondCorp Enterprise Essentials customers.

https://storage.googleapis.com/gweb-cloudblog-publish/images/3_eHfHrzl.max-1200x1200.png

Sending Security Events to Chronicle and Google Cloud Pub/Sub

In addition to viewing these events in Audit Logs and Security Investigation Tool, you can export these events to other Google products such as Chronicle and Cloud PubSub by navigating to Devices > Chrome > Connectors.

https://storage.googleapis.com/gweb-cloudblog-publish/images/4_DX2evof.max-1300x1300.png

Google Chronicle 

Google Cloud’s cloud-native Chronicle delivers modern threat detection, investigation, and response by unifying all security telemetry and driving insights with threat intelligence. Earlier this year, we launched context-aware detections to provide organizations with the ability to prioritize alerts with additional context and risk-scoring. Now, critical web-based data from Chrome can be viewed alongside other security events, so security teams can use additional context to make better decisions.

https://storage.googleapis.com/gweb-cloudblog-publish/images/5_wiYT3XK.max-1500x1500.png

Chrome has worked for years to keep your users and corporate data safe. With a variety of integration options provided, IT teams have the flexibility to work with different Google technologies or their own preferred cybersecurity solutions to further secure their environments. Here’s how you can get started with Chrome Browser Cloud Management.

Google Cloud Pub/Sub

Many IT professionals have embraced Pub/Sub to unify their data sources. By integrating with Chrome, security events sent to Pub/Sub can then be fed into security reporting tools or a security intelligence platform of choice.

https://storage.googleapis.com/gweb-cloudblog-publish/images/6_Ui6457P.max-1100x1100.png
Posted in