The web browser is a central facet of almost every interaction for workers, providing access to information, applications and communication – but its ubiquity also means it’s a security risk.

With that in mind, the Chrome enterprise team at Google LLC is adding improvements to its browser so information technology teams can keep it secure in corporate environments to protect users and data. As part of what Google announced today, Chrome enterprise security teams will gain access to new tools for preventing data loss. They’re aimed at providing extra visibility into security issues and delivering better risk assessment for browser extensions, which are plugin apps that extend the capabilities of the browser.

Kiran Nair, product manager on the Chrome enterprise team, told SiliconANGLE in an interview that most security happens at the network and protocol layers but there’s a gap when it comes to protecting corporate resources when web browsing.

“We believe that many of these security capabilities can be directly integrated directly into the browser and that’s a better place to protect people when they browse the web,” Nair explained. For example, when it comes to corporate data, users may be sending sensitive information outside of the network and that needs to be caught.

Chrome already has data loss protection options that enable IT teams to safeguard against leaking sensitive information such as if users already use an external website in their day-to-day operations such as Pastebin for sharing information. However, if they try to share something sensitive such as social security numbers, that gets blocked.

Now data loss protection can be context-aware according to rules set by the IT team, for example, allowing them to download and use sensitive information if they’re on a secured corporate device that has all of its security fixes installed. However, if the user is currently using their own personal device or if all the security updates are not up to date, then it will be blocked from downloading.

A new capability will also block or warn users from visiting certain websites, or categories of websites, that violate a company’s acceptable use policies. For example, a company could block users from visiting certain popular file-sharing websites, while still allowing them to share files through the company’s own internal file-sharing system.

It also adds data loss protection for print, which allows IT teams to stop users from sending files to print that might contain confidential data. This is important because anything physical could end up being thrown away in the trash and it could be picked up while “dumpster diving” by a hostile party potentially revealing proprietary information.

Google already reviews extensions before they are added to the web store for Chrome, Nair explained, “but users can side-load them and, for administrators, it can be a very challenging process to manage them.” There are hundreds of thousands of browser extensions – more than 250,000 available in the Chrome web store alone.

There are two ways that IT and security teams generally approach extensions: They can either vet a list of allowable extensions based on policies, or they can block everything by default and then approve them one by one based on requests from users.

To assist with this the Chrome enterprise is adding additional ways for security teams to understand the risks that extensions pose to help them vet them for approval. They have added insights from CRXcavator and Spin.AI to the Chrome Browser Cloud Management console. Both tools provide at-a-glance risk scores of extensions being used, or requested for approval, so that security teams can make better decisions.

Last year, the Chrome enterprise team launched Reporting integrations, which allowed organizations to send security information to logging providers such as Splunk Inc., CrowdStrike Holdings Inc., Palo Alto Networks Inc. and various Google solutions about what was happening to their Chrome browsers. There are now two new security event insights including the installation of new extensions so IT and security teams can track usage across the environment and browser crash events, which ordinarily go unreported unless users complain about them.

Image: Google