Google’s Verified Access For Chrome OS Devices Raises The Security Bar

Chrome OS been doing very well recently and has made great strides within the Enterprise sector where it can be utilized for connecting teams together for conference calls without necessitating the need to log in remotely to a central server. Now, Google is adding Verified Access to all Chrome OS devices making them significantly more secure for Enterprise use. The feature uses a Google server-side API to ensure the identity of a computer device and the user attempting to access a network service, like a VPN gateway, Enterprise certificate authority (CA), a sensitive server, or an Enterprise Wi-Fi access point. It relies on the Trusted Platform Module present in every Chrome OS device to ensure the device is authentic, unmodified, and policy compliant.

Companies will now have the ability to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices comply with their security policies. Many of these checks are currently performed on devices using heuristic methods, however the results could be faked if the devices’ operating system (OS) is compromised. With Verified Access, Google intends to make it impossible to fake those results in Chromebooks.

However, before organizations can use this new feature, they have to install a particular extension on their Chrome OS devices and also to have network services that comprehend the Verified Access protocol. That is why Google is inviting identity, network, and security providers to integrate their products or services with its new API.

This technological development does have important repercussions. As Enterprise users start to become more demanding, and Chromebooks with Verified Access are accepted by increasingly more firms, the bar for Chromebook hardware will likely be raised for everybody. And it is a statement by Google that it takes the security of Chrome OS in general seriously.