Google today offered an interesting overview of how it secures Chrome OS. And while much of it will be very familiar to Windows users, there is one aspect to Chrome OS that is quite unique.
“The multiple security layers of Chrome OS work together as part of a cohesive security approach, including automatic updates to provide protection on a recurring basis without disrupting your work,” Google product manager David Karam explains. “Today we’re sharing a closer look at how automatic Chrome OS software updates maintain ongoing security of the platform and devices.”
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
Note that this post is aimed at businesses. As you may have heard, Chrome OS is starting to make inroads with Microsoft’s core customer base, and according to IDC, Chromebook growth with business was the only reason that PC sales to businesses grew at all in the last quarter.
Anyway, here’s the unique bit: Chrome OS always maintains two system images on disk at the same time, each in its own partition. That way, you can continue working while system updates are applied, with just a 6-10 second delay on the next reboot so that the second partition can be updated too.
“Essentially, Chrome OS swaps between the two images,” Karam writes. “That means there’s no waiting for the updates to be applied: You can be up and running in just seconds with new software.”
This approach has other benefits, too. IT admins will never need to schedule or otherwise micro-manage updates because these updates are both automatic and non-disruptive. (In the Microsoft sphere, we’re batting about .500 on that measure.)
Karam also describes the Chrome OS update schedule: Google ships major version updates for Chrome OS about every six weeks, with minor improvements often added in-between. But important security updates can be pushed out in 24 to 48 hours when required.
“These updates happen automatically in the background and are applied seamlessly to the backup partition,” he notes. “Additionally, all software updates are provided and pushed directly from Google, so there’s no third-party intermediary involved, further helping to speed the delivery of Chrome OS updates.”
If you’d like to learn more about Chrome OS security in businesses, Google is hosting a Chrome OS Security webinar next week.
Locust Infested Orchard Inc.
<p>Chrome OS <em>and</em> secure in the same sentence? Well I never – an oxymoronic statement of gravity-defying proportion.</p>
jean
<blockquote><a href="#121249"><em>In reply to hrlngrv:</em></a></blockquote><blockquote><em>all Windows 10 devices are also Windows 10S devices … you won't nemefit from reduced prices due to lower OS cost though</em></blockquote><p><br></p>
skane2600
<blockquote><a href="#121228"><em>In reply to VancouverNinja:</em></a></blockquote><p>Neither Chromebooks nor Windows S are well suited for the Enterprise. What they have in common is an inability to run most existing Windows programs. </p>
jean
<blockquote><a href="#121329"><em>In reply to skane2600:</em></a></blockquote><blockquote><em>with CItrix Receiver UWP that equation just changed dramatically…</em></blockquote><blockquote><br></blockquote><p><br></p>
skane2600
<blockquote><a href="#121357"><em>In reply to jean:</em></a></blockquote><p>Yes using Citrix you can run legacy Windows programs on the server at reduced speed. That doesn't change the fact that you can't run them natively on Windows S. Of course, you can achieve the same poor performance using Citrix with Chromebooks.</p>
skane2600
<p>“Additionally, all software updates are provided and pushed directly from Google, so there’s no third-party intermediary involved, further helping to speed the delivery of Chrome OS updates.”</p><p><br></p><p>Unless we are talking about phones, this is exactly the same scenario Windows uses. All updates come directly from MS.</p>
skane2600
<blockquote><a href="#121275"><em>In reply to Jeff Jones:</em></a></blockquote><p>I doubt it. It's really a time vs. storage issue. You can update the system software faster at the expense of doubling the amount of storage it takes. </p>
skane2600
<blockquote><a href="#121381"><em>In reply to Jack Smith:</em></a></blockquote><p>Well, technical debt is about favoring the short term over the long term. It's not as if Windows NT design could have anticipated the 2017 environment. The whole idea of technical debt, however, is a one-sided argument. Many great and successful products would never have seen the light of day if developers had waited until they had the perfect system. And trying to anticipate future needs can lead to wasted time and bloated systems. Sometimes it makes more sense to pay for the future IN the future.</p>