Google Chrome 68 Changes and Their Impact on Data Protection

Google declared in November a year ago that they wanted to roll out improvements to Chrome to enhance soundness of their program, particularly by blocking outsider applications from infusing code into Chrome's processes1. In July, with the arrival of Chrome 68, they will begin to uphold this. (Reducing Chrome crashes caused by third-party software)

While the rationale behind this is reasonable this comes with some not as much as alluring symptoms that will influence information misfortune avoidance (DLP) programming suppliers, including McAfee®.

As a major aspect of our endpoint DLP item we offer Web Protection decides that can investigate both document and web frame information (content) transfers to sites and alternatively keep a potential information break by obstructing the transfer. Notwithstanding, this is just conceivable by infusing code into the program, which is precisely what Google will avoid.

Google states in the article that Chrome expansions are an advanced other option to running code within Chrome forms. Sadly, this approach isn't perfect for DLP merchants as Chrome expansions are nonconcurrent, implying that the augmentation is told of the transfer after it has happened. Plainly the issue here is that this implies DLP items are not ready to square touchy information per strategy in such a situation. McAfee has formally asked for a reasonable API be added to Chrome to permit blocking by means of expansions however to date we have not gotten an affirmed reaction.

While our endpoint DLP product will only be able to monitor and alert on file or text uploads via the Web Protection rule with the release of Chrome 68, the good news is that there are other ways in which potential data breaches via uploads can be blocked or rapidly remediated:

• McAfee’s endpoint DLP product offers Cloud Protection rules to monitor the local sync folder created by installing the sync agents included with Microsoft’s OneDrive, Google’s Drive (Backup and Sync) and other file sync and share apps.

• McAfee’s Network DLP Prevent product monitors web and email traffic at the network level and can block file uploads.

• McAfee’s Skyhigh Security Cloud product scans a variety of cloud file sync and share collaboration apps for sensitive files and offers remediation options such as quarantining or deleting the sensitive file.
      
• McAfee’s Network DLP Discover product can scan Microsoft Sharepoint and file server shares for sensitive files with remediation options similar to those found in McAfee’s Skyhigh Security Cloud.
      
• McAfee’s Web Gateway product can be used to simply block access to sites with poor reputations or sites that do not fall into typical work/business categories.
      
• McAfee’s Web Gateway Cloud Services can be used in conjunction with McAfee Client Proxy to redirect corporate laptop traffic to our scanning service when the device is not connected to the corporate network

McAfee will continue to review Chrome’s architecture for changes that will enable us to offer blocking capability once more via our endpoint DLP product and will notify if this becomes possible.