Okta and Google Chrome Enterprise: Innovating to secure the enterprise browser

As the leading independent Identity provider, Okta has successfully established Identity as a strategic security control plane by effectively working with ecosystem vendors in the spirit of Zero Trust. This approach has allowed us to provide the blueprint for Zero Trust transformation through end-to-end, context-aware security. It also helps reduce risk, improve the user experience, and enable cross-domain response through shared telemetry and threat intelligence.

Overall, the rise of SaaS apps has transformed the way businesses adopt and consume applications. Browsers are quickly becoming the new desktop — the new endpoint — where most work is accomplished.

That means end-users are accessing an ever-increasing amount of enterprise data through web browsers, performing more sensitive operations through browsers, and using more endpoints and devices to access the browser. With this new endpoint come increased threat vectors that require a new control plane to secure enterprises and end-user access adequately.

Google Chrome Enterprise, the most trusted enterprise browser, shares Okta’s Zero Trust approach.  We’ve partnered with the Google Workspace, Android, and ChromeOS teams to satisfy the need for Identity-driven security.

Last year, we delivered Okta Device Assurance with Chrome Enterprise on ChromeOS, macOS, and Windows devices to secure applications by context-aware signals between Okta and Chrome Enterprise. Since then, we’ve seen significant user adoption and made numerous enhancements. With the launch of Chrome Enterprise Premium this spring, Okta Device Assurance users now benefit from an extra layer of malware inspection, data loss prevention protection, and broad context-aware access.

New at Oktane

This year, we’re announcing the latest wave of innovations between the companies.

• Chrome Enterprise Core enhancements: Chrome Enterprise now allows admins more control and flexibility over user profiles with Chrome Enterprise Core. Managing your browser fleet at the profile level allows for customized settings, granular policies, and enhanced security, especially for BYOD and extended workforce scenarios. It also provides a clear separation of work and personal data for an improved user experience.
• Okta Adaptive MFA: Okta is introducing the following features to significantly enhance the user experience when device posture requirements in authentication and application access policies are enabled.
  • Improved end-user remediation experience: To reduce confusion and support costs, users will see remediation steps in the sign-in widget if access is denied due to a failed condition in the Device Assurance policy.
  • Dynamic OS version policy option: This new option allows Device Assurance policies to dynamically gate access based on minimum OS versions.
  • Configurable grace periods: This new option allows admins to enable end users to continue accessing Okta-protected resources for a configurable time while they remediate failing device checks before losing access once the allotted time expires.
• Identity Threat Protection with Okta AI: The latest addition to this joint effort between Chrome Enterprise and Okta focuses on shared signals to power continuous authentication. Identity Threat Protection with Okta AI is an Identity Threat Detection and Response platform that enables continuous protection for all your users.  At its base, Google Security Operations (formerly known as Chronicle) is a combined SIEM and SOAR platform. Based on the Shared Signals Framework, this new integration, Google SecOps SIEM collects activities from Chrome, which Google SecOps SOAR then analyzes to detect, investigate, and respond to security threats in real time. Through a Custom Playbook within Google SecOps SOAR, risky signals are shared with Okta Identity Threat Protection to alert Okta in real time.

  This pattern between Identity Threat Protection and Google Security Operations can be extended beyond Chrome to other products integrated into Google Security Operations, including Google Workspace and Google Cloud Platform. 

As we continue this journey together, Okta and Google are committed to providing our joint customers with the best user experience and security. Stay tuned!

Ready to learn more?

• Discover the benefits of Chrome Enterprise through exclusive articles, guides, videos, and more. 
• Sign up for Chrome Enterprise Core for free.

Learn how to configure the Chrome Enterprise Device Trust integration with Okta.