Chrome OS is getting a security beef up for enterprise devices via Verified Access.
For most people who use Chrome OS or use Chromebooks, they probably won’t care about this feature, nor even understand what it does. After all, Chromebooks and Chrome OS itself are already very secure with automatic updates, PIN unlock, and even a rumored fingerprint reading feature– and thus Verified Access is a feature they have no use for. For businesses, this is what it’s all about. It’s basically Google’s answer to client-side verification and authentication for devices. A simple download of a Chrome app can make sure the device trying to connect to whatever gateway is the actual device and hasn’t been modified. It’s basically a genuine checker for devices running Chrome OS to make sure they are what they say they are.
What is Verified Access on Chrome OS?
A feature called “verified access” hosted by Google’s server-side API checks and guarantees the identity of a Chrome OS device and the user using it to access important and sensitive areas, such as a VPN gateway, a server, a WiFI point, a network service, or an enterprise certificate authority. This eliminates client-side modification, hacks, and spoofing since the device needs to be checked by Google’s servers rather than software installed on the user’s device.
This feature is built on the Trusted Platform Module which is built into every Chrome OS device. The main purpose of the TPM is to verify that the device is authentic, compliant, and non-modified in any way. It basically guarantees that the Chrome device you’re using is the device you’re using and it hasn’t been altered or changed.
Verified Access improves security for Chrome OS
Why is this important? Because for big businesses, security is always an issue. Employees need to access sensitive information and having a verified Chrome OS device guarantees that the user is authentic and not a spoofed user on a spoof device (spoof means fake).
Saswat Panigrahi, senior product manager, writes in a Google for Work blog post:
“This matters because most businesses, particularly large enterprises, have policies and requirements in place that allow network and data access only to enterprise-managed and verified devices, but many of the current solutions rely primarily on heuristic client side checks out, but a bad actor that can compromise your Operating System can probably also fake the signals being checked for.”
Verified Access is another innovative move by Google
So, with Verified Access, it’s another layer of security that actually goes through Google’s servers, or something along those lines, instead of relying on the client-side for verification checks. Apparently, Verified Access has already been in use within Google. For enterprises and businesses with Chrome OS-powered devices, all they need to do is download a Chrome app on any Chrome device they want to verify. That’s it.
An extra layer of security like this pushes the bounds for Chrome OS. For most users, this won’t be anything special. For businesses, it helps. Still, it’s not to know that Google is innovating for the best.