
Secure Enterprise Browsing: Chrome adds enhanced DLP and extension protections

April 20, 2023
Kiran Nair

Senior Product Manager, Chrome Enterprise, Google


The web browser is the backbone of modern work. As for my own work, I heavily depend on it. It grants me access to SaaS apps, internal websites, conference calls, and a vast web of information. Perhaps unsurprisingly, the browser has also become an increasingly popular target for external threats and data theft. As a result, we expect our IT and security teams to consider the browser a strategic asset for maintaining a secure and productive enterprise environment.

We’ve shared Chrome’s vision for secure enterprise browsing and our core security approaches. We’re excited to announce new enhancements that organizations can use to protect their company and users as they work on the web. Data loss prevention (DLP), security insights and visibility, and extension security are essential components of a secure enterprise browsing solution. Today, we are introducing new capabilities to aid you on your cybersecurity journey.


Data Loss Prevention enhancements 

Chrome offers integrated DLP options that enable you to monitor and safeguard confidential information and intellectual property accessed via the browser against unauthorized access or disclosures due to user negligence. 

We are excited to add three new capabilities to our existing DLP protections, through BeyondCorp Enterprise:

  • Context-aware DLP allows you to customize your DLP rules based on the security posture of the device used. For instance, you can allow your users to download sensitive documents if they're accessing them from a corporate device that’s up to date on security fixes, or is confirmed to have endpoint protection software installed, but stop them from doing so if they're using their own personal device or a corporate device that doesn’t meet the criteria.
  • URL filtering lets you block employees from visiting, or warn them before they visit, websites or categories of websites that breach your organization's acceptable use policies. You can also restrict access, such as blocking users from visiting popular file-sharing websites, while still permitting file sharing via your corporate file-sharing site.

  • DLP for print enables you to stop users from printing files that contain confidential data. For example, you can warn and block your employees before they print files containing more than 10 Social Security numbers.


Extension risk assessment 

There are more than 250,000 extensions on the Chrome Web Store, providing users with additional functionality they want to add to their browser, such as ad-blockers and productivity tools. However, like any software, browser extensions can pose certain risks to users or request permissions that are not aligned with company policies. Having visibility into extensions and how they’re being used is critical to security teams.

IT and security teams can already view complete lists of installed extensions, set policies around extensions that can run in their environment, and create approval workflows that allow them to review requested extensions before allowing users to install them. Now, we're giving enterprises additional insights to help them assess extensions for their organization.


CRXcavator and Spin.AI Risk Assessment are tools used to assess the risks of browser extensions and minimize the risks associated with them. We are making extension scores via these two platforms available directly in Chrome Browser Cloud Management, so security teams can have an at-a-glance view of risk scores of the extensions being used in their browser environment. This is now available for all Chrome Browser Cloud Management users.

New browser security insights

Visibility into browser activities helps businesses identify and mitigate security risks and protect sensitive data and users. Last year, we launched reporting integrations that enable organizations to send critical security event notifications to security solution providers, such as Splunk, CrowdStrike, Palo Alto Networks, and Google solutions, including Chronicle, Cloud Pub/Sub, and Google Workspace, for further analysis. We have made two new security event notifications available:

  • Extension installs: Alerts IT and security teams when an extension is installed, so they can track new extension usage in their environment.

  • Crash events: Alerts IT and security teams when a browser crashes on a device, which can help them kick off investigations.

These new event notifications, in combination with our existing reporting options, offer even more visibility into broader data sets. You can read the full list of security events that trigger notifications here.

By implementing advanced DLP and gaining more visibility into extension security and critical security events, organizations can identify potential threats and vulnerabilities before they are exploited, reduce the risk of data loss, and take a more proactive approach to cybersecurity. 

To get started with Google Chrome's secure enterprise browsing solution and take advantage of some of our new enhancements, set up Chrome Browser Cloud Management at no cost. Our solution can meet the security requirements of organizations at any stage of digital transformation. Get in touch today to learn more, and come see us in action at the Google Cloud Security booth at the RSA Conference next week.
