Do you think the recently revealed flaws in the Google Chrome extensions that enable the functionality on Chromebook...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
notebooks represent a fundamental flaw in the design of the platform? Should they affect how we conduct our risk assessment regarding whether to allow these devices on the network?
As Google states, the Google Chrome extension flaws are more Web security flaws than operating system-level flaws. This is not to minimize the risk from this security vulnerability in Chromebooks or the VUPEN attacks on Chrome. But, the fact that security researchers and attackers are shifting their tactics away from attacking the OS via the browser to using the browser to abuse Web application insecurities illustrates security improvements have been made in the Chromebook OS. This specific attack also illustrates weaknesses in the design of the Chrome Web browser extensions.
A mobile device risk assessment for Chromebook security should be more comprehensive than just looking at the risk around the browser plug-ins or even evaluating the Chrome Web browser. If you are evaluating risks to Web browsers in use on your network, you will want to identify browser plug-ins that may be used on your systems, like ActiveX controls, Java, Flash, etc. A risk assessment of Chromebooks may come down to just evaluating the Chrome Web browser since the platform’s security features include a lengthy list of security capabilities. Also, one of the fundamental components of using Chromebooks is using cloud-based services, so the potential cloud-based services should be included in the risk assessment.
Dig Deeper on BYOD and mobile device security best practices
Related Q&A from Nick Lewis
The CIA Vault 7 cache exposed the Brutal Kangaroo USB malware, which can be spread to computers without an internet connection. Learn how this is ...continue reading
Kaspersky Lab recently accused Windows 10 of acting as an antivirus block to third-party antimalware software. Discover how your software is being ...continue reading
QakBot malware triggered hundreds of thousands of Microsoft Active Directory account lockouts. Discover the malware's target and how these attacks ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.