Friday, May 24, 2024

Google Adds New Cyber Security Tools & Features to ChromeOS

As per reports, cybercrime will reach $10.5 trillion by 2025, including all kinds of cybercrime activities like RaaS, Phishing, malware, and much more. It will be mandatory for organizations to protect themselves from these threats. 

According to Google, “ChromeOS, this is the cornerstone of our security strategy: ChromeOS devices are secure out of the box.” ChromeOS has been implemented in organizations worldwide for security and protection against data leakage.

Key Principles of ChromeOS

ChromeOS has the following things already implemented.

  • Booting is verified by default
  • Automatically blocks untrusted executables
  • Copy and paste, screen capture, printing, or USB downloading is prevented by default. 
  • Chrome Browser can be used by IT and Security teams to see the Chrome extensions installed on the users’ browsers. They can also set policies for the extensions and have an approval workflow if a user requests an extension.
  • Security teams can see the “Extensions score” for all the extensions the user uses in the browser environment.

Note: Excavator and Spin.AI are the tools used to check the Chrome extensions’ risk assessment.

Risk Assessment Source: Google

“Secure by Design, Secure by Default” was the title of the new cybersecurity guidelines released by the CISA, NSA, FBI, and other International government agencies, including the US government.

The guidelines stated that developers and vendors must be aware of securing the core product design instead of depending on the end user.

Google stated that ChromeOS has all the core security designed and implemented by default. Adding to the security part of ChromeOS, Google has released some more features in ChromeOS. IT admins can do the following:

  • As part of data protection, IT administrators can protect the data in specific confidential locations like the HR or accounting apps.
  • Prevent Screenshotting, copy and paste, and social media leakage.
  • Specific user groups can be prevented from printing and screen sharing. This can be done based on the business requirements.

Nick Peterson, Security Engineer at Google Security, said, “ChromeOS data controls allow us to better understand how sensitive data moves through our company. This allows us to better focus resources, improving security while also helping teams become more productive and effective.”

Additionally, Chromebook Users can manage their camera and microphone access from the settings page of the OS itself, providing one-click access to turn on/off the camera/microphone.

Privacy Controls

As for monitoring purposes, IT admins can use Crowdstrike Falcon Insight XDR to monitor threats inside the users’ devices. Login/Logout will also be monitored, which can be integrated with any preferred SIEM Tools.

Google stated that “ChromeOS devices, built to be secure by default, have had zero reported ransomware attacks. With these capabilities announced today, ChromeOS continues to innovate and make the modern workplace safe and trusted.”

Google has released a complete list of features for users to check and strategize their organizations’ security infrastructure.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


Latest articles

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...

Microsoft Warns Of Storm-0539’s Aggressive Gift Card Theft

Gift cards are attractive to hackers since they provide quick monetization for stolen data...

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining...

NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers

Zero Trust Maturity measures the extent to which an organization has adopted and implemented...

Chinese Hackers Stay Hidden On Military And Government Networks For Six Years

Hackers target military and government networks for varied reasons, primarily related to spying, which...

DNSBomb : A New DoS Attack That Exploits DNS Queries

A new practical and powerful Denial of service attack has been discovered that exploits...

Malicious PyPI & NPM Packages Attacking MacOS Users

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users.These...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles