New ways to secure Chrome from the cloud with Chrome Browser Cloud Management
Kiran Nair
Senior Product Manager, Chrome Enterprise, Google
Learn more about Chrome Enterprise Core
Powerful and flexible management capabilities both in the cloud and on premises, at no additional cost.
Learn moreIT and security teams have a lot on their plate - from supporting the transition to new work environments, to preventing an increasing number of security attacks. And as more and more work is done in the browser, it’s important for IT and security professionals to look at the browser as a critical piece of infrastructure to keep their organization secure. Chrome has built-in, enterprise security solutions that makes it a crucial part of your enterprise security stack. To have more insight into browser security, we highly recommend IT teams manage Chrome in their organization.
Chrome Browser Cloud Management gives IT teams a simple and efficient way to manage and secure their browser across multiple operating systems, all from the cloud. Below we’ll cover some key examples that show how managing your Chrome browsers via Chrome Browser Cloud Management can help your enterprise adapt to evolving cyber security challenges:
Keep your corporate data secure:
Enterprise data is more valuable than ever before. IBM’s data breach report states that, in 2021 data breach costs rose from USD 3.86 million to USD 4.24 million, the highest average total cost in the 17-year history of this report[1].
The most common initial attack vector is compromised credentials. 2021 also saw a resurgence of attackers using Malware and Ransomware to steal corporate data. Chrome uses Google’s Safe Browsing technology to help protect over four billion devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files. To get additional protections, enterprises can now enroll their users into Enhanced Safe Browsing via Chrome Browser Cloud Management using enterprise policies - Enhanced Safe Browsing users are successfully phished 35% less than other users. Chrome also lets enterprises leverage features to detect and alert administrators when employees reuse their enterprise passwords on untrusted websites and warn users if their passwords have been compromised in a data breach.
For enterprises who want to put even more emphasis on keeping their data secure, BeyondCorp Enterprise's threat and data protection offers Sensitive Data Loss Prevention & Zero Trust Access Control that enables secure access to corporate data and helps detect and mitigate data breaches due to end user negligence or insider leaks.
Gain visibility into your browser environment:
Managing Chrome through Chrome Browser Cloud Management also provides you deep visibility into your organization's browsers & security posture.
The Chrome version report allows IT admins to easily see all the versions, including minor versions, of Chrome in their deployment in a daily report. This supports compliance and remediation efforts and helps IT teams have more visibility than ever before into their Chrome and Chrome OS deployments.
We also recently launched a new Apps & Extensions Usage report that gives IT visibility into all installed extensions, Progressive Web Apps (PWAs), Chrome apps, and Android apps across their deployment.
Another exciting new feature is CSV export through Chrome Browser Cloud Management. This gives admins the option to download the Chrome Browser Cloud Management data in CSV from the Admin console. Right now this capability is available for the Managed browser list report, and will soon be available for the Apps & Extensions report and Versions report.
Secure and manage extensions:
Extensions are one of the most loved features of Chrome, but can also be difficult for administrators to manage. Many threat actors lure users into downloading and installing malicious software disguised as useful applications.
As an enterprise admin, you can go into the Chrome Browser Cloud Management console and get a holistic view of extension usage across your fleet of Chrome devices. You’ll be able to understand which extensions are being downloaded, what permissions they have, and also remotely force install or remove them if they violate your security and/or compliance policies.
The Extension request workflow feature allows you to let users request the extensions that they need in the Chrome Web Store. Having a centralized list of requested extensions gives you and your security team the visibility you need to then allow, block, or automatically install extensions.
Extension pinning allows you to pin the latest version of a Chrome app or extension to control when they are updated to a newer version. This feature was requested by customers that have string change management requirements - especially in regulated industries.
Finally, our team has been working on a new Extension Details Page. This covers even more insights into each extension: configurations, requested permissions, requested website access and installs. This feature is currently in Trusted Tester, you can sign-up to join the trusted tester group here. Stay tuned for this to launch in Q2!
Enable secure access for your remote workforce:
The past year has seen a surge of cyber attacks targeting remote employees. Chrome browser, with its user protections, secure endpoints, and cloud-based management, provides a range of tools necessary to help protect your remote workforce.
Legacy Browser Support is a feature that allows administrators to run Chrome for most of their workload, and automatically fall back to a legacy browser when your users need to access a site that only works in a legacy browser. Those users are seamlessly switched back to Chrome when they try to access a modern web site from the legacy browser.
While this feature has been available for awhile, we recently added BrowserSwitcherParsingMode - a new policy, to make our decision switching-engine more compatible with Edge/IE’s decision engine.
Chrome Browser Cloud Management enables customers to manage profiles and enforce policies to managed users even when they login from unmanaged devices. With BeyondCorp Enterprise protected profiles, customers can enforce corporate access policies and protection from malicious websites, phishing, and data loss to managed profiles, while keeping work and personal profiles separate. The simplicity of this solution and our agentless approach with Chrome is ideal for remote or frontline workers, as they can securely and productively work and access resources from unmanaged devices as they normally would from a managed device. Admins can easily create granular policies and deploy them for specific user groups or activities without disrupting operations, and generate reports that provide visibility into security events, helping to surface and address potential security risks.
Learn more about how Chrome keeps your organization secure here and get recommendations from the team on how to configure Chrome based on security best practices from our security configuration guide.