Jump to Content
Chrome Enterprise

How automatic Chrome OS updates bolster security with ease and simplicity

May 31, 2017
https://storage.googleapis.com/gweb-cloudblog-publish/images/chrome-office.max-1800x1800.jpg
David Karam

Product Manager

IT admins have a challenging role, charged with securing corporate assets while providing employees with tools that are fast, intuitive and accessible from anywhere. Chrome OS is designed and built with security at its core, from Trusted Platform Module (TPM) chips on all hardware, sandboxing of software, and Chrome browser security, endpoints across your organization are secure from boot to shutdown.

The multiple security layers of Chrome OS work together as part of a cohesive security approach, including automatic updates to provide protection on a recurring basis without disrupting your work. Today we’re sharing a closer look at how automatic Chrome OS software updates maintain ongoing security of the platform and devices.

Unlike most other computing platforms, Chrome OS devices always have two images of the system software on separate partitions. This approach serves two purposes. First, there’s no disruption to your work because you can keep working while the backup version is updated. Second, the next time the Chrome OS device boots, which typically takes just 6 to 10 seconds, it runs from the recently updated partition. Essentially, Chrome OS swaps between the two images. That means there’s no waiting for the updates to be applied: You can be up and running in just seconds with new software.

This not only keeps you working, but it can also reduce IT admin support costs. Instead of admins and tech support resources trying to schedule or manually push out software updates to a large number of machines, quick automatic updates happen without disruption.

Major version updates for Chrome OS are available every six weeks on average, though minor improvements are are sometimes available sooner. And important security patches can be pushed in 24 to 48 hours if required. These updates happen automatically in the background and are applied seamlessly to the backup partition. Additionally, all software updates are provided and pushed directly from Google, so there’s no third-party intermediary involved, further helping to speed the delivery of Chrome OS updates.

Chrome OS automatic updates are one of several security layers that protect your devices and data. The updates work hand in hand with the Chrome OS Verified Boot feature to ensure that the system software hasn’t been compromised; if Verified Boot detects software tampering, it forces a reboot into the backup partition of the system software.

To learn more about the benefits of automatic updates and Chrome OS security features, register and join us on June 7 for a Chrome OS Security webinar.
Posted in