Today, rolling out Google Chrome 63 includes many security enhancements for enterprise users. Site Isolation allows pages to be rendered in a separate process, while TLS 1.3 is currently enabled on Gmail. Google has also announced the future security features for the year ahead.
Furthering the existing sandbox technology, site Isolation has Chrome render content for every open website in a dedicated method that’s isolated from other pages. It is customized so that only certain web pages on a preset list won’t share processes or cross-site iframes.
Google suggests enabling this for sites that require a log-in and host sensitive content, like an intranet. However, this extra security will come at the expense of increased memory usage, that Google estimates to be at 10-20%.
Admins and curious users can test the feature using a command line flag, tho’ Google directs enterprise users to use a Chrome policy for wide deployments.
Control extensions based on permissions
In the meantime, the ability for administrators to restrict extensions based on the required permissions is going live now. This policy joins the existing ability to whitelist or blacklist specific extensions.
TLS 1.3 rollout
Chrome 63 also marks the rollout of TLS 1.3 for Gmail. The Transport Layer Security protocol is what allows for secure communications on the net, with the previous version standardized in 2008. While version 1.2 is secure when configured properly, Google argues that it’s needed for an overhaul.
The latest version is faster and safer, with a wider rollout to the whole web scheduled for 2018. Users can see no impact, but Google advises admins that not all systems are interoperable with TLS 1.3 and directs them to a feedback forum.
NTLMv2 support has been extended to all platforms
Finally, the next update to Chrome (version 64) will expand support for the NTLMv2 authentication protocol for Chrome OS, Mac, Linux, and Android. it’s already the default in the Windows browser, with other users ready to activate it today in the redesigned Flags page. starting in Chrome 65, NTLMv2 will become the default NTLM protocol.