Quickstart

This page walks you through enabling Endpoint Verification and monitoring corporate devices.

For more information about Endpoint Verification, see the Overview.

Before you begin

  • Log in to your Google Workspace admin account and access the Admin console.
  • Have an organization whose devices meet the following specifications:
    • Devices running Chrome OS
    • Apple® Mac® OS X® El Capitan (10.11) and later
    • Microsoft® Windows® 7 and 10

Turning on Endpoint Sync

Endpoint Sync is a setting in the Google Workspace Admin Console that lets you collect device information from users within your organization that have the Endpoint Verification extension installed. By default, Endpoint Sync is turned on. Follow these instructions if you would like to confirm if Endpoint sync is on or not.

  1. Open the Google Workspace Admin Console and log in to your admin account.

    Open the Google Workspace Admin Console

  2. From the Admin console Home page, go to Devices.

  3. On the left, under Mobile, click Setup.

  4. Click Endpoint Sync. By default, Endpoint Sync is turned on.

  5. Select Allow desktop reporting via browser extension. This setting enables Endpoint Verification to collect of device attributes. This setting doesn't impact other Google Cloud offerings.

  6. Click Save.

Deploying Endpoint Verification

The following steps deploy the Endpoint Verification extension to your organization's company-owned devices.

  1. Open the Google Workspace Admin Console and log in to your admin account.

    Open the Google Workspace Admin Console

  2. From the Admin console Home page, go to Devices.

  3. Under Device Settings, click Chrome management

  4. Click Apps & extensions.

  5. At the bottom-right, click Add > Add from Chrome Web Store.

  6. In the Search the store field, enter Endpoint Verification.

  7. Click Select next to the Endpoint Verification extension.

  8. Click User settings.

  9. Under Orgs, select the org to deploy the extension to.

  10. Ensure that Allow access to keys and Allow enterprise challenge are on.

  11. Click the Installation policy drop-down for Endpoint Verification and select Force install.

  12. In the top-tight click Save.

Users might need to install a native helper after the extension is deployed unless they're using Chrome 80 or higher on a Mac or Windows device. Have your users follow the process below.

  1. Open Chrome browser.
  2. On the browser toolbar, click the extension Endpoint Verification to open it.
  3. If prompted, click Add Account and enter your corporate email address and password.
  4. If you see a message that the native helper isn't on your device, click Install it and follow the steps to install the native helper.
  5. Click the extension again and then click Sync Now.

If your want to deploy the native helper instead of having your users install it, see Deploying the Endpoint Verification native helper with third-party tools.

For more information about deploying extensions, see Manage Chrome Browser extensions in the Admin console.

Turning off Endpoint Verification

If you turn off Endpoint Verification, you won't see any computers added after that in your Google Workspace Admin Console. You will still see computers that were monitored before, but device information isn't updated.

  1. From the Admin console Home page, go to Devices.
  2. On the left, under Mobile, click Setup.
  3. Click Endpoint Sync.
  4. Deselect Allow desktop reporting via browser extension.
  5. Click Save.