Protect Chrome users with Chrome Enterprise Premium

Start here to implement enhanced user protections in Chrome

Chrome Enterprise Premium features are available only for customers who have purchased Chrome Enterprise Premium.

You can use Chrome Enterprise Premium threat and data protection to integrate Chrome with a variety of security features, to enhance existing Chrome security protections, or to use new features with Chrome. These features include additional malware protections, Data Loss Prevention (DLP) rules, security alerts, and reporting tools.

Here are steps for implementing these protections, and reporting and investigation options to explore after the protections are configured and in use.

Configure Chrome, create DLP rules & set up alerts

Step 1: Set up Chrome management

Set up cloud management for Chrome browser, Chrome profiles, or ChromeOS devices, depending on your supported operating systems.

For details:

Step 2: Set up Chrome Enterprise connector policies

To enable additional protections against data loss and malware, you need to enable Chrome Enterprise connectors so content gathered in Chrome is uploaded to Google Cloud for analysis. You must enable Chrome Enterprise connectors for DLP rules to integrate with Chrome.

These settings are in addition to any general settings you configured as part of Chrome Enterprise Core or ChromeOS device management.

To learn how to set up Chrome Enterprise connector policies, go to Set Chrome Enterprise connector policies for Chrome Enterprise Premium .

  • On ChromeOS and on Windows and Mac without Chrome Enterprise Core configured—Chrome Enterprise Premium is enabled through user-level cloud policies. In turn, Chrome Enterprise Premium is applied to managed users whether or not the device or browser is managed. 
  • On Windows or Mac with Chrome Enterprise Core configured—Chrome Enterprise Premium is enabled through device-level cloud policies. Chrome Enterprise Premium is applied to any Chrome browsers enrolled in Chrome Enterprise Core on the device.
  • On ChromeOS managed guest sessions—Chrome Enterprise Premium is enabled through managed guest session policies on managed devices. 

For more information, go to Understand Chrome policy management.

Step 3: Verify that the Chrome Enterprise Premium service is enabled

For information on how to turn a service on for specific organizational units or groups, see Turn a service on or off for Google Workspace users.

Step 4: Set up data protection rules

After you enable Chrome Enterprise connectors, create DLP rules to control the sharing of sensitive data. You can create rules specific to Chrome and define which action (block, warn, audit) to take when certain events take place in the browser, such as uploading or downloading a file, pasting or printing content, or accessing a website.

You can also create DLP rules specific to ChromeOS to scan files transferred between ChromeOS and other file systems, for example, an external USB or Google Drive. You can block file transfers, warn users about sharing sensitive data when transferring files, or log the event for future audit to assess the impact of new rules.

For details: Use Chrome Enterprise Premium to integrate DLP with Chrome

Step 5: Set up activity alert rules

Set up alert center rules so analysts are notified of certain security events.

For details: View alert details

View log events & security reports & perform investigations

After you configure Chrome Enterprise Premium and events occur, you can use the Rule log events and security dashboard security reports to monitor security events. Also, you can use the security investigation tool to learn more about alert notifications.

View the Rule log events

Use the Rule log events to track user attempts to share sensitive data. You can track the device type and ID for Chrome Enterprise Premium-related events.

For details on DLP rules-related audit data types: Rules log events

View security dashboard reports

View reports in the security dashboard. Security reports related to Chrome Enterprise Premium are:

Use the security investigation tool to examine security issues

You can further investigate the source of the alert in the security investigation tool, which allows you to identify, triage, and take action on security and privacy issues in your domain.

For details: About the security investigation tool

Chrome Enterprise Premium threat and data protection URLs

Several URLs check for updates when running Chrome Enterprise Premium threat and data protection. Chrome browser must access the following URLs when Chrome Enterprise Premium threat and data protection is implemented.

For details: What URLs are used for Chrome browser updates?

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Main menu
9894292325383695098
true
Search Help Center
true
true
true
true
true
73010
false
false