Skip to main content

We recommend standardizing on Chrome as your internal browser.

Why?

By standardizing on one browser, IT administrators can more easily deploy and manage security policies, updates, and troubleshoot issues. This can save time and resources for IT staff. It can help to improve security by reducing the attack surface and enabling IT to focus on securing one browser instead of multiple. Also, IT staff can be more familiar with the security features, vulnerabilities and best practices of that browser.

From the compliance perspective, some industries may have regulations or compliance standards that specify which browser must be used, standardizing on one browser can help organizations to meet these requirements. And finally, standardizing on one browser can help to reduce costs associated with purchasing and maintaining multiple browsers.

Guidance

It can be difficult to get employees to sign in to Chrome with their enterprise accounts in order to apply settings. We recommend first deploying an enrollment token to your managed devices, which will apply Chrome settings to them regardless of whether a user has been signed in.

Once some form of browser management in place, head into Devices > Chrome > Settings > Users & Browsers and set your security baselines. If you’re not sure where to begin, start by taking a look at the CIS Benchmaks for Chrome. Any major changes should first be applied to an OU of testers (such the IT team) and then expanded out from there.