Skip to main content

Enterprise browser check-up: 6 Chrome Browser policies every IT admin should know

With more than 300 policies available to IT admins, we’re constantly expanding Chrome’s support for enterprises. Here’s a round-up of policies—some old, some new—designed to help IT admins make their organizations more secure and productive.


1. Enforce policies through forced sign-in.

Administrators can decide if they want to set many of their policies at a device level, or manage them by user. But if a user isn’t signed into their Google account, IT is unable to enforce some user-based policies in their organization.


Especially handy for organizations that use G Suite, the Forced Sign-In policy requires users to sign in to their Google account before they can use their browser. This helps you better enforce policies that you want to manage at the user level, for example enabling or disabling password manager or managing outdated plugins. This policy has been available since January 2018 for Windows and since April 2018 for Mac.


2. Make sure your users are running the latest version of Chrome Browser with relaunch notifications.

Chrome Browser automatically updates to ensure users are running the latest version of Chrome, which helps protect businesses against known security vulnerabilities. But if employees are in the middle of working, they might not always restart their browser for the latest updates.


Starting with Chrome 66 (released in April 2018), you can now set a policy that prompts your users to re-launch their browser to finalize updates. You can select from a variety of options for when and how to prompt users, such as indicating whether a restart is recommended or required, or setting forced restarts after a specific number of days. With this policy, IT can balance the need to ensure users are running on the latest, most secure version of Chrome Browser with giving them the flexibility to re-launch at a time that’s convenient for them.

3. Balance security with productivity through extension controls.

The Chrome web store already continuously monitors extensions to detect suspicious activity using Google’s machine learning tools. But many enterprises would like even more granular control.


To help, Chrome Browser allows you to whitelist and blacklist extensions for added assurance. You also have the option to change specific access of an extension, like if you want to specifically prevent an extension from requesting to access a camera. This gives you the flexibility to open up the use of extensions as much or as little as makes sense for your organization.


4. Add additional layers of protection with Site Isolation.

With browser-based threats like universal cross-site scripting (UXSS) increasingly prevalent, it’s always a good idea to consider additional layers of protection. Site isolation ensures that pages from different websites are always put into different processes, each running in a sandbox that limits what the process is allowed to do. It also blocks the process from receiving certain types of sensitive data from other sites. As a result, a malicious website will find it more difficult to steal data from other sites.


Since the release of Chrome 63, Site Isolation has been available to IT admins. Starting with Chrome 66 (released in April 2018), Site Isolation is automatically turned on for some users. If you want to manage centrally, IT can override this via policy.


5. Time updates or handle them manually.

Because Chrome Browser offers continuous release cycles—with new versions available every six weeks—you can rest assured that you’re protected from vulnerabilities without having to wait on manual patches. That said, if your business is performing testing or internal security checks, you may need more control around rolling out these updates.


Chrome Browser allows you to time when these automatic updates happen, or handle them manually so you can pace based on your internal processes or testing schedules. This makes it easier for you to control when updates happen so you can keep your users secure without disrupting business activity.


6. Update your Symantec Security Certificates.

In an effort to help businesses stay secure, we announced a temporary Chrome Browser policy in 2016 to protect those companies that rely on Symantec security certificates pre-dating June 2016. This policy is going away in Chrome 73 (estimated release in January 2019).


If you have this temporary policy turned on, now's a good time to check in on the status of your certificate updates. This will ensure that your users aren't exposed to security warnings when the policy expires.


To configure any of these policies, you can either use Group Policy in your Windows environment with the templates available in the enterprise bundle, or Google Admins can use the management console through Windows, Mac, or Linux computers. Just visit Device management > Chrome > User Settings in the Admin Console, or check out these instructions.


Chrome Browser also now offers release notes so you can stay updated on critical enterprise policies with each release. And if you’re interested in learning more, we’ll have several breakout sessions this year at Google Cloud Next to help you get the most from Chrome Browser. Visit the Next ‘18 website for more information.

by via The Keyword

Comments

Popular posts from this blog

certain keys on my keyboard dont work when "cold"

Hi guys, i have a Lenovo Y520-15IKBN (80WK) and certain keys on the keyboard don't work (e,g,h,8,9,Fn...) but only when the weather is cold. for example in the winter it used to work after certain amount of time when i first boot the laptop and stops working when i stop using it for a while, but now that the weather is hot it works just fine except for the first couple of minutes or when its colder. of course i do realise that it has nothing to do with the outside weather but with the temperature of the computer itself. can someone explain to me why this is happening and how it should be fixed as i cannot take it to the tech service until july even though it's still under warranty because i need it for school. ps: an external keyboard works fine. Submitted April 29, 2018 at 03:35PM by AMmej https://ift.tt/2KiQg05

Old PC with a Foxconn n15235 motherboard needs drivers! Help!!

So my Pc corrupted and I had to fresh install windows on it, but now its missing 3 drivers and one of them is for the Ethernet controller! I've tried searching everywhere for the windows 7 drivers but all I seem to find are some dodgey programs saying they will install it for me. Problem is without the ethernet driver I can't bloody connect to the internet. I've been using a USB to try get some drivers on there, but they just end up being useless programmes . I'm also a bit of a noob at these things, I don't understand where to find the names of things in my PC, I've opened it up but I don't understand whats significant and what isnt. If someone has the drivers and can teach me how to install them I'd be very appreciative! Submitted April 29, 2018 at 02:47PM by darrilsteady https://ift.tt/2r76xMZ