As organizations increasingly rely on web applications and remote workforces, secure enterprise browsing is rapidly becoming the standard for protecting corporate data and ensuring productive, secure user experiences from any location or device.
Chrome Enterprise Premium enhances Chrome's built-in security for enterprises by providing:
Configurable Data Loss Prevention: Prevent data leaks by controlling actions such as copying, pasting, downloading, and printing.
Real-time Phishing, Malware, and Sandboxing Protection: Automatically detect and block phishing sites, malware, and unsafe downloads.
Context-Aware Access Controls: Enforce secure access to critical applications and resources based on user identity, device security posture, and geographic location.
Benefits to users
Chrome Enterprise Premium presents a security model that allows for greater security posturing and policy for both applications and devices, while providing end users a better user experience no matter where they access from or what type of device they use to do so:
- For administrators:
- Strengthen security posture to account for dynamic changes in a user's context.
- Shrink the access perimeter to only those resources that an end user should be accessing.
- Enforce device security postures for employees, contractors, partners, and customers for access, no matter who manages the devices.
- Extend security standards with per-user session management and multifactor authentication.
- For end users:
- Allow all end users to be productive everywhere without compromising security.
- Allow the right level of access to work applications based on their context.
- Unlock access to personally-owned devices based on granular access policies.
- Access internal applications without being throttled by segmented networks.
Common use cases
As end users work outside of the office more often and from many different types of devices, enterprises have common security models they are looking to extend to all users, devices, and applications:
- Allow non-employees to access a single web application deployed on Google Cloud or other cloud services platforms without requiring the use of a VPN.
- Allow non-employees to access data from their personal or mobile devices as long as they meet a minimum security posture.
- Ensure employees are prevented from copying and pasting sensitive data into email or saving data into personal storage such as Google Drive.
- Only allow enterprise-managed devices to access certain key systems.
- Provide DLP protections for corporate data.
- Gate access based on a user's location.
- Protect applications in hybrid deployments that use a mix of Google Cloud, other cloud services platforms, or on-premises resources.
Common signals
Chrome Enterprise Premium offers common signals enterprises can take into account when making a policy decision, including:
- User or group information
- Location (IP or geographic region)
- Device
- Enterprise-managed devices
- Personally-owned devices
- Mobile devices
- Third-party device signals from partners
- Check Point
- CrowdStrike
- Lookout
- Tanium
- VMware
- Risk scores
How to get Chrome Enterprise Premium
Complete this form to get more information about upgrading to Chrome Enterprise Premium.
Chrome Enterprise Premium compared with Google Cloud
Chrome Enterprise Premium provides enterprise security features in addition to the basic protections, focused on protecting applications with authentication and authorization, that are baseline features of Google Cloud. Chrome Enterprise Premium extends those protections to applications and data running everywhere, with end-user protections and rich access policy protections.
The following table shows the differences between the baseline features available to Google Cloud customers and what is available with Chrome Enterprise Premium:| Applications and Resources Access | Google Cloud Baseline | Chrome Enterprise Premium |
|---|---|---|
| Access control to web applications on Google Cloud Platform | ||
| Access control to SSH, RDP and TCP ports for VMs on Google Cloud | ||
| Access control to Google Cloud Platform APIs | ||
| Access control to Google Cloud console | ||
| Access control to web applications on Google Cloudinternal load balancing | ||
| Access control to web applications on customer premises | ||
| Access control to thick client / client-server applications | ||
| Access control to web applications on AWS and Azure | ||
| Access control to SAML-based applications (login time) | ||
| Access control to Google Workspace Admin Console | ||
| Access Policies and Advanced Settings | Google Cloud Baseline | Chrome Enterprise Premium |
| Access levels using users | ||
| Access levels using IP addresses and geolocations | ||
| Access levels using time and date restrictions | ||
| Access levels using login credential strength | ||
| Access levels using enterprise certificates | ||
| Access levels using device security postures | ||
| Access levels using Chrome security postures | ||
| Access levels using third party partner signals | ||
| Access levels using advanced expression language | ||
| Same-origin policy configuration in HTTP OPTIONS | ||
| Custom authentication domain and 403 pages | ||
| User, Threat, and Data Protection | Google Cloud Baseline | Chrome Enterprise Premium |
| Data loss prevention w/ predefined or custom detectors (Chrome) | ||
| Malware protection w/ advanced sandboxing (Chrome) | ||
| Phishing and malicious URL protection (Chrome) | ||
| Threat and data protection alerting and reporting (Chrome) |
What's next
- Learn more about access protection controls
- Learn more about threat and data protections