In this blog, Matt Stevens, Chrome Enterprise Lead at Google explains how Chrome OS and Chrome Browser are secure by design—embedding security into every workflow to provide proactive protection for users, devices, applications, and data, wherever work happens. This is cloud-first security control in the hands of the modern businesses that will thrive moving forward.
With the dramatic increase in distributed workforces and the growing adoption of cloud applications, companies face unprecedented levels of IP, data, and identity sprawl beyond the enterprise firewall. Every endpoint is an entry into your business, cybercriminals have more ways to break in than ever before, and human error on the inside is a constant risk.
Historically, endpoint security has been a zero-sum game—with the odds inevitably stacked against IT. But rather than protect devices, what if you could just control the security of them?
The world of work has shifted and as our homes have become the workplace for many people, there will, at some point, be a shift back to the office but not at the degree we have seen historically. The new distributed & remote workplace means people will be looking to access tools and services from almost anywhere. The requirement is now, how do we protect that. We need to look at how the technology has evolved from a security standpoint which has brought about great change in 2020.
Many public sector organisations, from a security and threat detection perspective, have evolved incredibly quickly, what they were looking to implement in 4-5 years time, they have managed in just 10 months.
89% of companies anticipate that many to most of their workers will work from home even as the world reopens (U.S Remote Work Survey, PWC, 2020)78% of IT decision makers aim to provide all employees with cloud-based access to business applications within the next two years (Forrester, 2019)
80% of endpoint attacks in 2019 were new or unknown zero-day attacks (Forrester, 2020)
41% of data breaches from 2005-2015 were from lost devices (Cost of Data Breach Report, IBM & Ponemon, 2020)
87% of computer users simply ignore security warnings (Insider Data Breach Survey, Egress & Opinion Matters, 2020)
To change the rules of the game, be proactive, and turn a defensive strategy into an offensive strategy, here are 6 clear steps:
1. Be cloud first
By removing the endpoint from the equation, you can get to the position where any devices which are lost or stolen, the end user can continue working. Having information assets stored in the cloud also greatly reduces or entirely removes the susceptibility of compromising both personal or corporate data on a device and ransomware.
2. Sandbox everything
Sandboxing can contain threats to an individual tab within a browser session. Ensuring all applications & all OS process are kept separate from each other, meaning that no application can view, edit, save, or distribute any data from another application within that user’s session. This isolation of processes limits the scope of an attack, resulting in powerful protections.
3. Default to encryption
Encryption methods are bolstered by sandboxing. The sandboxing principles apply between users on the device while every user has their data and settings within an encrypted partition, making it safer to share loaner devices with temporary workers.
4. Always up to date
Chrome OS updates are available every 6 weeks, complemented by security patches every 2 weeks. In case of high-level threats, updates can be provided between 24 – 48 hours. Google Chrome Enterprise works on a test forward rather than roll-back model.
5. Teach users in real time
There are numerous elements within the platform that ensure an organisations security while protecting the end-user. Safety precautions are baked in using artificial intelligence and machine learning and will warn users when attempting to navigate to dangerous sites or download malicious files.
6. Tamper-proof the OS
The operating system, Chrome OS, has various protections throughout the stack and built very differently to other systems on the market. Even before the device has started up you can validate that your corporate data is secure.
It’s time for a change, time for news rules. Let look how we can take back security control and implement a new way of working with Chrome Enterprise to improve security with huge commercial and operational resource benefits.
Matt has been at Google for over 4.5 years, initially bringing Android Enterprise to the EMEA market. After success in this go to market drive, he is now introducing Chrome Enterprise to the workplace. As Chrome Enterprise Lead, his core remit is advocating Chrome Enterprise as a truly viable, alternate platform for enterprise. His experience covers platforms, cloud solutions and manufacturers. He now leads the Public Sector business in the UK and is excited by what Chrome Enterprise can bring to this space.