Protecting your remote workforce with context-aware data loss rules and URL filtering

As remote work remains the norm for many people, organizations continue to seek out solutions to protect corporate data regardless of where employees are located and which devices they use. In particular, monitoring for potential data exposures can be a challenging task when employees or contractors use unmanaged devices, as there is risk of downloading unauthorized data or accidentally uploading sensitive files to personal accounts.

Traditional solutions to these challenges, such as using Virtual Desktop Infrastructure (VDI) or agent-based tools, can be costly and interrupt user productivity. We’ve added two secure enterprise browsing capabilities in Google Chrome to help implement strong, low-overhead data controls in tools already in end-users hands.

New Data Loss Prevention (DLP) rules with Context-Aware conditions can provide the ability to control sensitive information transfers based on user and device attributes. An admin can create targeted rules that limit access based on the user’s device information, such as only allow access to users with Chrome Managed Browsers. Such rules are a key ingredient for organizations that want to protect their data from unauthorized access, particularly when data is being accessed on personal devices, external networks, or restricted geo locations.

A data loss prevention (DLP) rule blocks downloads of documents from high-risk geolocations by configuring a simple Context-Aware Access condition in Chrome.

Using Context Aware device conditions can be particularly useful when you pair it with our new Chrome URL filtering feature. Combining these two capabilities together allows administrators to create rules for specific authorized URLs or categories of URLS based on user device and profile. For example, a customer can now write a rule to block access to social network sites on Chrome for all managed chrome browsers.

These new capabilities are generally available from BeyondCorp Enterprise (BCE) and are delivered through Chrome, which make up our secure enterprise browsing solution. BCE with Chrome gives administrators the ability to target specific actions and easily scale policies without forcing an installation of any new browser or additional software which can impede end-user productivity.

Customers have already been using these new features across a number of use cases, including:

For example, customers who manage contact centers where employees use unmanaged devices can now ensure their help desk agents can only access specific web applications, and do not have general Internet access from within a corporate profile.

Customers can set up URL filtering in a matter of minutes. As you can see below, setting up a new Context-Aware Access rule to stop all managed browsers from accessing social networks can be easily applied to an entire org using the new URL visits option. The context condition for accessing URL categories in this case is managed browsers, and the action is set to block. In this example, we use the power of Google Search indexing to offer hundreds of website categories across the web with new sites being indexed and categorized within hours.

The above is an example of how context-aware policies can be used to improve the security of your users and corporate data. Additionally, admins aren’t limited to these set categories or predefined access levels. You can create your own granular rules and lists of URLs to set the right conditions for your organizations and keep users safe.

Related posts

Gain access visibility and control with Access Transparency and Access Approval

by Cloud Ace Indonesia
1 year ago

Evolving to a programmable cloud

by Kartika Triyanti
3 years ago

Infrastructure Security in Google Cloud

by Kartika Triyanti
2 years ago