Are Enterprises Protected From the Threats Lurking on the Web?

Bring Your Own Device (BYOD) has become ingrained in company culture, with 70% of businesses enabling employees to work from a personal device, according to Bitglass’s 2021 BYOD Security Report. Unfortunately, personal devices are also the weakest link in the security chain. LayerX reports that over half of these devices lack the browser cyber defenses that are de rigueur on corporate computers. One area of risk is that many employees work on outdated browsers, which often lack the most up-to-date security patches, leaving their devices exposed should they accidently access malicious sites or files. 

With remote work blurring the line between home and the office, many workers are also playing mix-and-match with their data, accessing personal data on work devices, or corporate data on private devices—a practice that makes it easier for cybercriminals to steal credentials to access company data. 

Unmanaged devices not only leave companies vulnerable to malware and data breaches, they are also difficult for IT teams to track and manage. Nearly half of organizations report being unsure if any of the BYOD in their ecosystem downloaded malware from the web in the last 12 months, according to Bitglass—a dangerous lack of visibility that leaves companies, and their data, exposed.

Security teams can’t protect what they can’t see. And while managing every employee’s personal smartphone and laptop is untenable, getting oversight of their browsers is not. 

“People want to access their work apps on their phones or from their personal computers at home, and that just becomes an overload of devices for IT to manage,” says Lauren Miskelly, Managing Director at Chrome Enterprise. “If companies can manage security at the browser level, versus the device level, that takes some of the overhead away for IT.”

Chrome Enterprise helps companies do just that by providing security professionals a centralized cloud-management solution that gives them oversight of their cloud environment across devices. With Chrome Enterprise’s cloud management, IT teams can gain visibility into potential risks, including password reuse, malware transfer, visits to unsafe sites, as well as which versions of Chrome are installed across their organization.

Chrome Enterprise also leverages its scale and expertise to provide companies with an extra line of defense. Google has dedicated teams tracking zero-day vulnerabilities, pushing out fast and automatic updates that keep organizations’ Chrome browser fleet up-to-date. Chrome Enterprise also employs security tools powered by learnings from its billions of web users. 

“We use AI to be able to say, ‘Is that site, or that file or download malicious? And how do we protect our users against that?” says Miskelly.

Once security teams have better visibility into what’s happening across both unmanaged and managed devices, they can start enforcing better cyber hygiene across BYOD through adaptive policy management. 

IT can also group employees by role or security risk and apply bespoke policies accordingly. These policies can protect web users from malware by blocking untrusted file downloads and extensions or by preventing access to unsafe URLs. They can also stop breaches before they happen by blocking certain users from uploading sensitive company data.

“A big challenge for IT is knowing what is actually happening in the browser. Are users on the latest version of Chrome? Are they downloading extensions that might be malicious?” asks Miskelly. “A lot of what Chrome Enterprise does is allow IT to set controls and policies to make sure those things don’t happen in the corporate environment.”