Google today announced the availability of Verified Access for Chrome OS devices. The company has used Verified Access internally for years to enhance security of Chrome devices, and it’s now making the feature available for enterprises to leverage themselves.
Verified Access ensures a network service (VPN gateway, server, a certificate authority, or a Wi-Fi access point) can get a hardware-backed cryptographic guarantee of the identity (device and user) that’s trying to access it. Many businesses have policies and requirements that allow network and data access only to enterprise-managed and verified devices. Instead of relying primarily on heuristic client side checks, which leaves the door open for a compromised OS faking the signals being checked, Verified Access uses the Trusted Platform Module (TPM) in every Chrome OS device to let enterprise network services cryptographically confirm the identity and status of verified boot and enterprise policy using a Google server-side API.
Google offers an example. When integrating with an enterprise certificate authority, hardware-protected device certificates can be distributed to only managed, verified devices.
Duo Security and Ruckus Wireless are already leveraging Google’s new Verified Access API. Identity, network, and security providers can do the same: Enable Verified Access with Chrome devices.
Google today also announced that Smartcard Authentication support, the required way of authenticating for employees in many security sensitive organizations, is now available for Chrome OS devices. The new Citrix Receiver for Chrome 2.1, for example, can be used to authenticate to virtualized Citrix apps using smartcards.
One of the biggest advantages Chrome OS has over other operating systems is its updating system. The security angle is there too: Your employees will always have the latest patches. But that’s not enough for many enterprises, and this is just the latest play from Google to make Chrome OS more competitive in the enterprise space against Windows and OS X.