Google Bulks Up ChromeOS Security for Businesses

Google today announced new security features for ChromeOS that make it better suited for enterprises that wish to implement a Zero Trust security infrastructure.

“Zero Trust security—a framework that verifies every user and device—offers a solution, but implementation can be complex and constant monitoring depletes IT resources,” Google director Tony Unreche explains. “ChromeOS, with its built-in security and automatic updates, is designed for Zero Trust security.”

ChromeOS is already the most secure desktop computing platform in its default configuration, an accolade that was recently confirmed by a report from Atredis Partners, a security analysis and testing firm. But with the improvements Google announced today, it’s easier than ever for organizations to implement Zero Trust.

They are:

Secure local data recovery. This new ChromeOS feature requires users have access to their account and the physical device to restore data locally. It logs unauthorized recovery attempts “in a tamper-evident persistent ledger in a privacy-preserving manner,” Google says.

Okta integration. ChromeOS now offers deep integration with Okta, a leading identity provider, via a device trust connector that lets administrators set device-assurance policies in Okta and allow authorized users to access applications.

Endpoint resilience. It’s unclear which part of this is new, but ChromeOS delivers features like verified boot, a read-only operating system, automatic updates, and sandboxing that isolates programs and browser tabs to prevent malicious websites from harming the rest of the system. This restricts all security risks to a single program or browser tab.

Data Loss Prevention (DLP) for files. Expanding on its policy-based DLP capabilities for users, data sources, and destinations, ChromeOS now offers DLP for files as well.

BeyondCorp Enterprise for files. BeyondCorp is a Zero Trust solution from Google Cloud that helps organizations provide secure access to apps and services using rules-based protections. And now it’s been expanded to protect local files in ChromeOS.

Splunk app for ChromeOS. This new ChromeOS app provides insights into device usage and potential threats, providing security teams with a single view into threat detection, analysis, and proactive risk management.

Consumer controls. Google is improving the security and privacy of ChromeOS for all users by adding geolocation privacy controls and granular application-level permissions for the device’s camera, microphone, and geolocation services.

Google also announced a new partnership with Cisco that brings Cisco Umbrella into the Chrome Enterprise Recommended, Security & Trust track. It’s delivered through a Chrome extension and managed via the Google admin console.

You can learn more at the Chrome Enterprise website.