The Daily Swig Web security digest

Latest Chrome release includes Site Isolation for enterprise security

James Walker | 07 December 2017 at 13:20

Admin security enhancements and more for Google’s freeware browser.

Chrome 63, the latest iteration of Google’s freeware browser, is now shipping to Windows, Mac, and Linux, complete with a range of security enhancements for enterprise users.

Citing the ongoing need to protect businesses from potential dangers such as ransomware, malware, and other vulnerabilities, the Alphabet company has developed Site Isolation for its browser, which results in even stronger security boundaries between websites.

With Site Isolation enabled, Chrome renders content for each open website in a separate process, isolated from other websites. The solution can be customized, allowing admins to create a preset list of sites they want to isolate.

Google recommends enabling Site Isolation for sites that require a login and host sensitive content, such as intranets. However, this additional layer of security will come at the expense of increased memory usage.

Admins can read more to determine if this capability makes sense for their organization.

In addition to Site Isolation, Chrome 63 makes it easier to restrict extensions based on required permissions. Admins can now configure a new policy that restricts access to extensions based on the permissions required.

For example, through policy, IT can now block all extensions that require the use of a webcam or microphone, or those that require access to reading or changing data on the websites visited.

Google’s latest security measures for its browser follow the recent launch of a built-in antivirus engine for Chrome Cleanup, which alerts users whenever they download a package that includes an unexpected component.

While the Mountain View tech firm warned that its sandboxed engine is not a general-purpose antivirus, the company said it can now detect and remove more unwanted software than ever before.

Looking ahead, Google shared on its admin forum that Chrome 64, coming in early 2018, will include support for the NTLMv2 authentication protocol, including Extended Protection for Authentication (EPA) on Mac, Android, Linux, and Chrome OS.

This will allow all platforms to perform NTLM authentication with the same level of security that was previously available only in Chrome on Windows.

“From new ways to better isolate processes, to broader support for more advanced security standards, to the introduction of new policies, IT admins now have more options to protect their users and businesses from potential threats,” said Chrome Enterprise product manager, Matt Blumberg.