Google has recently announced six new features for its Chrome browser that aim to enhance the security and privacy of enterprise users. These features include data loss prevention (DLP), protections against malware and phishing, and the ability to enable zero-trust access to the search engine.
Data loss prevention (DLP)
DLP is a set of policies and tools that help prevent unauthorized access, use, or transfer of sensitive data. Google has added three new DLP features for Chrome that extend beyond its existing DLP capabilities:
- Context-aware DLP: This feature allows administrators to customize their DLP rules based on the security posture of the device being used. For example, admins can allow users to download sensitive documents if they are accessing them from a corporate device that is up to date on security patches or has endpoint protection software installed. However, the feature will block users from downloading sensitive documents on personal devices or devices that do not meet the security criteria.
- URL filtering: This feature allows administrators to block or warn users about visiting websites, or categories of websites, that breach the organization’s acceptable use policies. For example, admins can restrict access to popular file sharing websites, while still allowing file sharing via the corporate file-sharing site.
- DLP for print: This feature allows administrators to stop users from printing files that contain confidential data.
Extension security
Extensions are small programs that add functionality to the browser. However, some extensions may pose risks to users or request permissions that are not aligned with the organization’s policies. Google has added two new features for Chrome that help assess and manage extension security:
- Extension risk assessment platforms: Google has integrated two browser extension risk assessment platforms, CRXcavator and Spin.AI Risk Assessment, into Chrome Browser Cloud Management. These platforms provide risk scores for extensions based on various factors such as permissions, code quality, privacy practices, and more. Administrators can view the risk scores of the extensions being used in their browser environment and take appropriate actions.
- Browser security event notifications: Google has added two new browser security event notifications for Chrome that alert IT and security teams when an extension is installed or when a browser crashes. These notifications can help jumpstart investigations and identify potential threats or vulnerabilities.
Zero-trust access
Zero-trust access is a security model that assumes no trust between users and resources, and requires verification for every request. Google has enabled zero-trust access for Chrome through BeyondCorp Enterprise, its zero-trust solution. BeyondCorp Enterprise provides continuous authentication and authorization for users and devices accessing web applications and services. It also offers protection against malware and phishing attacks by isolating risky web sessions in a secure sandbox.
Google’s new features for Chrome are designed to help enterprise users work securely and productively on the web. By implementing advanced DLP and gaining more visibility into extension security and critical security events, organizations can reduce the risk of data loss and take a more proactive approach to cybersecurity.
You can read more about Secure Enterprise Browsing here.
Nexlogica has the expert resources to support all your technology initiatives.
We are always happy to hear from you.
Click here to connect with our experts!
0 Comments