I still remember the first time someone recommended I use Google Chrome. At the time, I was a Firefox user and skeptical about a search engine creating a browser that could compete. Chrome has come a long way, and in 2013 became the most-used browser in the world. They still hold the title today. Chrome is built on Google’s Chromium open-source web browser project. Chromium is now used by many web browsers, including Microsft Edge. Google even took it a step further and created the Chrome Operating System.
As an admin for Google Workspace, oftentimes Chrome gets overlooked or put on the back burner when initially enabling settings in the admin console. For organizations not using Google Workspace, you may not be aware, but you can also manage Chrome and enforce 200+ policies. Organizations can be more concerned about collaboration tools settings; Chrome may not be a priority. Even if it is not a priority, some simple Chrome settings are worth enabling to help your users and increase security. Here is a list of 5 features that can easily be enabled to help secure your environment.
Chrome profiles are helpful for the end user. For example, my data syncs across all my devices, allowing me to do things like pull up my phone's browsing history on my PC with just a click. From an admin perspective, this forced sign-in facilitates pushing policies to the device.
In the admin console, in the users and browsers settings, you can select “Force users to sign in to use the browser.” Enrolling devices in the cloud-managed Chrome browser varies by operating system. You can find enrollment instructions here. If a user’s device is not enrolled in cloud-managed Chrome browsers and if the user has not signed into Chrome, then policies will not be pushed out to the user.
Google does a great job of integrating with third-party applications to extend the capabilities of Google Workspace. Anyone can connect Workspace to an external app with a simple click or two. This is empowering, but it can be overwhelming. Do you just let users install anything they want? Do you block apps or have an allowed list? Each organization is different, but typically it is a combination of settings. A new setting for unconfigured applications (apps with no access setting like trusted, limited, or blocked) allows you to allow, block, or only allow basic information to be shared with the third party.
Leak detection & password alert are two different settings, but they complement each other well. A majority of security incidents are the result of passwords being compromised through various means. Making your organization’s login requirements as strict as possible will help eliminate security threats. The features for securing your organization's login options are always evolving and improving. From two-factor authentication to context-aware access and now, new technologies like passkeys are helping take it a step further to help eliminate passwords altogether.
That said, some applications are always accessed with a username and password only. In those cases, the leak detection feature utilizes Chrome to check if a user’s username and password have been compromised. Additionally, with the Password alert feature, an admin can specify if users can reuse their password.
This is an interesting setting, and based on your tech stack, you may not want your users saving passwords with Chrome. Some organizations have an approved password management tool. If this is the case, customers often disable the password manager. If you don’t have a specific tool for your users, I suggest Password manager as the strong password suggestions alone will help improve a user’s security posture.
This one is simple but extremely helpful. Your organization likely has a set of links to important content and materials on an intranet site or even just listed in a document somewhere. There are always a few links that a user should have readily available. Users don’t always bookmark these sites. With managed bookmarks, an Admin can push these bookmarks to your users. A few easy-to-implement suggestions are a bookmark for your intranet and a link to your helpdesk ticketing system.
If you want to deploy Chrome for your organization, contact Suitebriar today for our full guide.