Tag Archives: Connected Workspaces

Say “yes” to HTTPS: Chrome secures the web, one site at a time

Editor’s note: October is Cybersecurity Awareness Month, and we're celebrating with a series of security announcements this week. See our earlier posts on new security protections tailored for you, our new Advanced Protection Program, and our progress fighting phishing.

Security has always been one of Chrome’s core principles—we constantly work to build the most secure web browser to protect our users. Two recent studies concluded that Chrome was the most secure web browser in multiple aspects of security, with high rates of catching dangerous and deceptive sites, lightning-fast patching of vulnerabilities, and multiple layers of defenses.

About a year ago, we announced that we would begin marking all sites that are not encrypted with HTTPS as “not secure” in Chrome. We wanted to help people understand when the site they're on is not secure, and at the same time, provide motivation to that site's owner to improve the security of their site. We knew this would take some time, and so we started by only marking pages without encryption that collect passwords and credit cards. In the next phase, we began showing the “not secure” warning in two additional situations: when people enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.

http search

It’s only been a year, but HTTPS usage has already made some incredible progress. You can see all of this in our public Transparency Report:


  • 64 percent of Chrome traffic on Android is now protected, up from 42 percent a year ago.

  • Over 75 percent of Chrome traffic on both ChromeOS and Mac is now protected, up from 60 percent on Mac and 67 percent on Chrome OS a year ago

  • 71 of the top 100 sites on the web use HTTPS by default, up from 37 a year ago

percentage of page loads over HTTPS in Chrome by platform
Percent of page loads over HTTPS in Chrome by platform

We’re also excited to see HTTPS usage increasing around the world. For example, we’ve seen HTTPS usage surge recently in Japan; large sites like Rakuten, Cookpad, Ameblo, and Yahoo Japan all made major headway towards HTTPS in 2017. Because of this, we’ve seen HTTPS in Japan surge from 31 percent to 55 percent in the last year, measured via Chrome on Windows. We see similar upward trends in other regions—HTTPS is up from 50 percent to 66 percent in Brazil, and 59 percent to 73 percent in the U.S.!


Ongoing efforts to bring encryption to everyone


To help site owners migrate (or originally create!) their sites on HTTPS, we want to make sure the process is as simple and cheap as possible. Let’s Encrypt is a free and automated certificate authority that makes securing your website cheap and easy. Google Chrome remains a Platinum sponsor of Let’s Encrypt in 2017, and has committed to continue that support next year.


Google also recently announced managed SSL for Google App Engine, and has started securing entire top-level Google domains like .foo and .dev by default with HSTS. These advances help make HTTPS automatic and painless, to make sure we’re moving towards a web that’s secure by default.


HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. There’s never been a better time to migrate! Developers, check out our set-up guides to get started.

Source: Google Chrome


Say “yes” to HTTPS: Chrome secures the web, one site at a time

Editor’s note: October is Cybersecurity Awareness Month, and we're celebrating with a series of security announcements this week. See our earlier posts on new security protections tailored for you, our new Advanced Protection Program, and our progress fighting phishing.

Security has always been one of Chrome’s core principles—we constantly work to build the most secure web browser to protect our users. Two recent studies concluded that Chrome was the most secure web browser in multiple aspects of security, with high rates of catching dangerous and deceptive sites, lightning-fast patching of vulnerabilities, and multiple layers of defenses.

About a year ago, we announced that we would begin marking all sites that are not encrypted with HTTPS as “not secure” in Chrome. We wanted to help people understand when the site they're on is not secure, and at the same time, provide motivation to that site's owner to improve the security of their site. We knew this would take some time, and so we started by only marking pages without encryption that collect passwords and credit cards. In the next phase, we began showing the “not secure” warning in two additional situations: when people enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.

http search

It’s only been a year, but HTTPS usage has already made some incredible progress. You can see all of this in our public Transparency Report:


  • 64 percent of Chrome traffic on Android is now protected, up from 42 percent a year ago.

  • Over 75 percent of Chrome traffic on both ChromeOS and Mac is now protected, up from 60 percent on Mac and 67 percent on Chrome OS a year ago

  • 71 of the top 100 sites on the web use HTTPS by default, up from 37 a year ago

percentage of page loads over HTTPS in Chrome by platform
Percent of page loads over HTTPS in Chrome by platform

We’re also excited to see HTTPS usage increasing around the world. For example, we’ve seen HTTPS usage surge recently in Japan; large sites like Rakuten, Cookpad, Ameblo, and Yahoo Japan all made major headway towards HTTPS in 2017. Because of this, we’ve seen HTTPS in Japan surge from 31 percent to 55 percent in the last year, measured via Chrome on Windows. We see similar upward trends in other regions—HTTPS is up from 50 percent to 66 percent in Brazil, and 59 percent to 73 percent in the U.S.!


Ongoing efforts to bring encryption to everyone


To help site owners migrate (or originally create!) their sites on HTTPS, we want to make sure the process is as simple and cheap as possible. Let’s Encrypt is a free and automated certificate authority that makes securing your website cheap and easy. Google Chrome remains a Platinum sponsor of Let’s Encrypt in 2017, and has committed to continue that support next year.


Google also recently announced managed SSL for Google App Engine, and has started securing entire top-level Google domains like .foo and .dev by default with HSTS. These advances help make HTTPS automatic and painless, to make sure we’re moving towards a web that’s secure by default.


HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. There’s never been a better time to migrate! Developers, check out our set-up guides to get started.

New Android Management API delivers simple, powerful tools for enterprise

Managing mobile devices and applications can be a challenge for businesses and partners of all sizes.


Today, our Enterprise Mobility Management (EMM) partners write their own management app in order to enable management of Android devices; we call this a “device policy controller” (DPC) app. A DPC app is essentially an agent deployed by the EMM, with the real value living in the console and back end, which the app communicates with directly.  


Now, with our newest tool, the Android Management API, customers and EMMs can manage devices using a server-side API and eliminate the need to write a management app. The Android Management API takes on this complexity so partners can focus on what’s important to their customers and not worry about the underlying Android framework.


Now, creating policies for your device fleet is as simple as creating a Google Cloud project and making a couple of REST API calls. The Android Management API is built around policies, rather than discrete transactions; just tell the API how a device should be managed.

Behind the scenes, Google interprets these policies into a specific set of actions for the target device, and executes those requests using the Android Device Policy app, a Google-made managing agent. Because we provides the managing agent, developers don’t need to handle nuances of the framework implementation, such as which APIs are available or what bugs need to be worked around on given versions of Android.
Android devices

We’ve been testing the Android Management API with several early access partners. Mobiltec, which has launched a validated Corporate Owned Single-Use (COSU) solution, found the new API sped up the company’s EMM efforts by easing back on some development needs.


“Android Management API is a powerful Cloud Platform API that allows us to easily integrate Android EMM functions to cloud4mobile, our EMM tool. With this new management API, we can deliver top-of-market EMM solutions to a wide range of devices,” says Paulo Morandi, senior software architect at Mobiltec. “Since we don't need to develop our own DPC (device policy controller), new features can be added in minutes; just some HTTP requests and you are done.”

 

The Android Management API is compatible with any device running Android 6.0 (Marshmallow) or above that has Google Play installed. Designed with the needs of businesses in mind, it doesn't matter if an organization's devices come from one or many manufacturers—this new API provides a consistent way to manage a device.


Our first set of APIs focus on purpose-built devices use cases, such as digital signage, ticket printing, or kiosks. Over the coming months, our team of engineers will add more features to cover knowledge worker management use cases, and ultimately all Android enterprise solution sets.


The Android Management API is now available in beta for all partners and developers, whether they are developing EMM software, purpose-built specific applications, or an in-house solution for an organization.


Want to try it out? Using Google’s API Explorer, you can try out the API and provision a device in minutes. All you need is a new or factory reset Android 6.0+ device and a Gmail account. Check out the Quick Start Guide to discover how quickly things can get up and running. We hope this makes development easier for partners and helps them bring the latest Android features to customers faster.

Delivering better government services at lower costs with Chrome

Editor’s note: Today’s post comes from Vijay Badal, Director of Application Services of DOTComm. Founded in 2003, DOTComm provides centralized IT support and consulting for 70 government agencies in the city of Omaha and Douglas County, NE. DOTComm uses Chrome browser and G Suite to improve employee productivity and mobility and cut IT costs.

At DOTComm, our employees provide technical support for more than 5,000 government workers throughout Omaha and Douglas County. Because these workers are spread across 120 different locations, our employees need access to the tools they need to do their jobs whether they’re in the office or on site with our customers. Several years ago, we realized the legacy systems we were using were getting in the way.

When employees had to travel to provide technical support for the government agencies we serve, they didn’t have mobile access to important documents, or the ability to share and send files back to the office, such as videos that outlined technical issues. In addition, hardware and licensing were costly, and inflexible productivity applications were making it difficult for employees to collaborate or work from the road. Plus, we needed half a dozen employees just to maintain our infrastructure!

To solve these challenges, we turned to Chrome and G Suite. Chrome is fast, secure and gives our staff access to thousands of useful extensions. It’s also allowed us to standardize across our desktop and mobile devices. G Suite has helped us cut hardware costs and improve collaboration and mobility. With Chrome and G Suite, we no longer pay thousands of dollars in annual licensing fees, and we’ve reduced the number of people managing infrastructure from six to one, freeing up the other five people to work on different tasks.

Chrome’s extensions have been big productivity boosters. One extension syncs the staffs’ Google calendars with their Salesforce calendars. Previously, employees had to check two separate apps and cross-reference two separate calendars. Now they only need to check one. Another extension gives staff mobile access to Google Docs and Google Sheets. This means they can work nearly anywhere. When they’re out of the office, or in the field, they can create and share files on any device they need.

As an IT department, we’re particularly pleased with the security and other IT benefits we get with Google. Chrome has built-in malware and phishing protection, and we use the G Suite admin console to ensure all user downloads are stored on the same network drive so they can be checked for malware. The G Suite admin console lets us control Chrome settings for employees, including adding extensions on whitelists so employees can use them, pushing recommended extensions to users, and rolling out Chrome updates on a scheduled timeframe. That’s made our IT administrators’ lives much easier and has been a huge timesaver. And because we centrally manage the rollout of extensions for new employees, individual city and departments no longer need to have a dedicated IT person working on new hire application orientation. So we save time and money with each new hire.

Meanwhile, the number of help tickets for IT support has plummeted, from 30 a day to one or two. For example, we no longer have to deal with local archive files, which means our staff spends less time troubleshooting and the government employees we serve don’t waste time wrestling with unfamiliar technology. Productivity has increased as well. For example, City Police, City Fire, and County Health departments all use shared Google Sheets within their individual precincts for shift change management. This allows them to roll over shift changes swiftly and efficiently, without missing any critical ongoing task assignments.

Chrome browser and G Suite have allowed us to offer more secure and productive IT services to all City of Omaha and Douglas County employees, who are then able to better serve citizens. DOTComm and the City of Omaha were recently honored as one of "Top 10 Cities" by the Center for Digital Government in its Digital Cities Survey 2016, which recognizes cities that use technology to improve citizen services, enhance transparency and encourage citizen engagement. This marked the first time the City of Omaha made the list—but I predict it won’t be the last now that we’re using Chrome browser and G Suite.

Source: Google Cloud


Delivering better government services at lower costs with Chrome

Editor’s note: Today’s post comes from Vijay Badal, Director of Application Services of DOTComm. Founded in 2003, DOTComm provides centralized IT support and consulting for 70 government agencies in the city of Omaha and Douglas County, NE. DOTComm uses Chrome browser and G Suite to improve employee productivity and mobility and cut IT costs.

At DOTComm, our employees provide technical support for more than 5,000 government workers throughout Omaha and Douglas County. Because these workers are spread across 120 different locations, our employees need access to the tools they need to do their jobs whether they’re in the office or on site with our customers. Several years ago, we realized the legacy systems we were using were getting in the way.

When employees had to travel to provide technical support for the government agencies we serve, they didn’t have mobile access to important documents, or the ability to share and send files back to the office, such as videos that outlined technical issues. In addition, hardware and licensing were costly, and inflexible productivity applications were making it difficult for employees to collaborate or work from the road. Plus, we needed half a dozen employees just to maintain our infrastructure!

To solve these challenges, we turned to Chrome and G Suite. Chrome is fast, secure and gives our staff access to thousands of useful extensions. It’s also allowed us to standardize across our desktop and mobile devices. G Suite has helped us cut hardware costs and improve collaboration and mobility. With Chrome and G Suite, we no longer pay thousands of dollars in annual licensing fees, and we’ve reduced the number of people managing infrastructure from six to one, freeing up the other five people to work on different tasks.

Chrome’s extensions have been big productivity boosters. One extension syncs the staffs’ Google calendars with their Salesforce calendars. Previously, employees had to check two separate apps and cross-reference two separate calendars. Now they only need to check one. Another extension gives staff mobile access to Google Docs and Google Sheets. This means they can work nearly anywhere. When they’re out of the office, or in the field, they can create and share files on any device they need.

As an IT department, we’re particularly pleased with the security and other IT benefits we get with Google. Chrome has built-in malware and phishing protection, and we use the G Suite admin console to ensure all user downloads are stored on the same network drive so they can be checked for malware. The G Suite admin console lets us control Chrome settings for employees, including adding extensions on whitelists so employees can use them, pushing recommended extensions to users, and rolling out Chrome updates on a scheduled timeframe. That’s made our IT administrators’ lives much easier and has been a huge timesaver. And because we centrally manage the rollout of extensions for new employees, individual city and departments no longer need to have a dedicated IT person working on new hire application orientation. So we save time and money with each new hire.

Meanwhile, the number of help tickets for IT support has plummeted, from 30 a day to one or two. For example, we no longer have to deal with local archive files, which means our staff spends less time troubleshooting and the government employees we serve don’t waste time wrestling with unfamiliar technology. Productivity has increased as well. For example, City Police, City Fire, and County Health departments all use shared Google Sheets within their individual precincts for shift change management. This allows them to roll over shift changes swiftly and efficiently, without missing any critical ongoing task assignments.

Chrome browser and G Suite have allowed us to offer more secure and productive IT services to all City of Omaha and Douglas County employees, who are then able to better serve citizens. DOTComm and the City of Omaha were recently honored as one of "Top 10 Cities" by the Center for Digital Government in its Digital Cities Survey 2016, which recognizes cities that use technology to improve citizen services, enhance transparency and encourage citizen engagement. This marked the first time the City of Omaha made the list—but I predict it won’t be the last now that we’re using Chrome browser and G Suite.

How Android helped Dalmia Bharat go digital and grow their business

Editor's note: Today’s post comes from Sunil Tewari, Head of Technology and Business Services for Dalmia Bharat Group, one of India’s largest cement manufacturers. Read how Dalmia Bharat Group uses Android to increase sales, optimize cement delivery, and better connect their workforce.

Dalmia Cement is a leader in the Indian cement industry, producing over 9 million tons of cement for its customers every year. Founded as a division of the Dalmia Bharat Group in 1939, we’ve consistently innovated our manufacturing and production processes, pioneering specialty cements used for oil wells, railway sleepers, and air strips.

We’re quick to embrace solutions that make our business more efficient and responsive for our customers. So when it came to mobility, we turned to another powerhouse of innovation—Android. Our analog record-keeping system wasn’t keeping up with our needs: our customers are spread far and wide across India, so many of our employees spend their work hours largely on the road, making sales calls and deliveries. We have between 15,000 and 18,000 trucks delivering cement to cities and remote areas, and 600 sales representatives visiting customers every day.

In a business that relies on strong personal relationships between sales reps and customers, keeping track of contacts, purchases and deliveries with so many employees while on the go is difficult. Sales reps need to be able to get information quickly while they’re at a customer site or in the office. Managers need to make sure drivers are taking the quickest delivery route to where the customers are. And we need to track successful deliveries so we know when to bill the client.

Dalmia Android team

To make all of this a smoother process, we built three Android apps so that sales reps, dealers, and truck drivers could have the information they need most at their fingertips. Our SM@RT-D app gives our sales force the ability to place and track orders. Our SUVIDHA app is used by customers to place orders without needing to contact the sales team, and DriverSathi tracks deliveries and makes billing more efficient.

Android’s secure and flexible platform was the right choice for our company’s apps. We were able to build and deliver apps to our team in six weeks, which are used by more than 4,000 employees and customers.

We are using the Enterprise Mobility Management capabilities in G Suite to manage the devices we provide for our sales force. Employees can also bring their own devices to access resources like Gmail and our company’s apps—we use Android’s device policy controller to manage the work profile, keeping company data secure on these devices. Dealers use their own Android devices to access our apps and place orders.

Since our sales reps began using our SM@RT-D app, sales have increased, with 60 percent of all orders now placed digitally. Our sales team uses the app to get quick access to product information from a customer site, while managers use it to check when the rep last visited that customer and to see what other stops the rep has that day.

Going mobile with Android has been a key piece of our growth, as we’ve become one of the fastest-growing cement brands in India. Sunil Tewari
Dalmia Bharat Group

We have more than 8,000 active users of our SUVIDHA app, which allows our customers to place orders anytime. Prior to this, they had to call into our sales team. We now see more than 1,000 orders placed each day with the app, which accounts for 35 percent of total sales.

With our third app, DriverSathi, we can track cement deliveries. Drivers get electronic proof of delivery, so we know exactly when each delivery was made, leading to on-time payment for our delivery drivers. Orders are filled 10 percent faster now because the process isn’t paper-based. Customers and dealers know when they will be receiving orders so they can manage their own sales pipelines.

This app also streamlines billing. Previously, invoices were often delayed by up to a month and a half because everything was done via hard copy, and it sometimes took weeks for drivers to hand in the paper invoices. Now the invoicing process starts as soon as the delivery is made because the app verifies exactly when delivery is completed, triggering the payment process.

Building custom apps on Android helped improve every part of our business, starting with the sales process, going all the way through delivery and invoicing. Going mobile with Android has been a key piece of our growth, as we’ve become one of the fastest-growing cement brands in India. Our Android applications enabled us to provide service to more customers in a quicker fashion because our employees have information they need when they need it most—on the road. And by giving the most efficient routing information, workers spend less time driving and more time talking with customers. With Android, it’s a win-win for everyone.

Giving banks a friendly, modern makeover with digital signage: Heritage Bank

Editor’s note: Today’s post comes from Jane Calder, General Manager of Marketing at Heritage Bank, Australia’s largest customer-owned bank with over 60 branches throughout Queensland. As part of a refurbishment of its branches, Heritage Bank used Chrome OS and Chromeboxes to power video walls and interactive touchscreens to guide customers in making key financial decisions.

As a customer-owned bank, we’re passionate about delivering great customer experiences. So when we set out to revitalize the design of our bank branch network, we wanted to remove barriers that come between staff and customers. Customers come to us to have life-changing conversations, like how to buy their first homes and how to save up for their children’s college education. The digital screens now in place across over a third of our network, along with the interactive kiosks in over a dozen branches, use Chrome OS and Chromeboxes to offer a modern and approachable way to kick off these important conversations.

Many of our branches are in shopping malls, so we want to appear as friendly, welcoming, and current (from an interior design standpoint) as any other store that our customers visits regularly. To achieve this, we’re removing security barriers that separate branch staff from customers. And we’ve added interactive touchpoints to help. But this is not the first time we’ve done this. In the past we’ve experimented with other digital methods to educate customers on our products and services. However, branch employees told us the time needed to perform tasks like updating software or screen content was detracting from their most important task, helping  customers. Additionally, these screens offered no interactivity, so they didn’t let customers choose what they wanted to see.  

As a solution, our technology partner, DAT Media recommended Chrome management and Chrome OS devices, such as Chromebases and Chromeboxes. With the rollout of digital signage, branch staff no longer need to worry about technical updates or screen content. Chrome management is so easy to use that my marketing team pushes out content ourselves. All we need to do is add content for a group or site, click, and the screens are updated.  It’s that simple.

Using a touchscreen Chromebase, DAT Media created a custom self-service app for interactive kiosks, allowing customers to request PDF brochures via email and make appointments for future visits. Customers save time because they don’t have to wait, and they don’t have to sift through brochures looking for the right ones to take home. Our customers are even happier, and we save time—and money—as we’ve been able to reduce printing brochures and marketing posters. Branch staff no longer have to remove outdated brochures and posters, since the screens are centrally updated to ensure they are current.

heritage-bank

While saving time and money is important, the best thing about the new signage and kiosks is that our customers get information about bank services—or about local events like summer movie nights—faster and easier. Our screens are not just telling customers what we sell, they’re showing that we’re here to help guide them through life’s big changes.

We hope our story helps other banks see how digital signage makes spaces like bank branches friendlier and more engaging.

Our screens are not just telling customers what we sell, they’re showing that we’re here to help guide them through life’s big changes. Jane Calder
General Manager of Marketing, Heritage Bank

Android Oreo: a smart, tough and productive cookie for enterprises

Android 8.0 Oreo is now available, bringing a sweet combination of improved productivity and enhanced security to enterprise customers. The new release builds on the consistent investments we’ve made to make Android stronger, easier to manage, and more productive for the enterprise.  

Personal space on your work device

Android’s unique work profile creates the best of both worlds—separating work and personal data so IT has the security it needs and users have the freedom to use the personal apps and services they want. Only the work data is managed, giving IT full control of corporate information and keeping employees’ photos, apps, and other personal data separate.

In Android Oreo, we’re now bringing work profiles to corporate-owned devices. Now, organizations can enable company devices for personal use with a work profile. While the organization still retains control of the device, work apps and data can be put in a work profile, keeping personal apps and data outside the profile.

This brings the benefits of the work profile to company-owned devices, such as removing the need for a complex device-wide passcode, and allowing employees to turn off work notifications when they’re away. The improved usability and clear separation makes this management mode ideal for corporate-owned, personally-enabled (COPE) deployments.

workspace

Get up and running in seconds

With zero-touch enrollment available in Android Oreo, organizations can deploy corporate-owned Android devices with enterprise mobility management settings pre-configured, so team members can start using their device right out of the box. Devices can be configured online and drop-shipped to employees who will have management enforced from the start.

With the work profile in Oreo, we’ve made it easier than ever for employees to set up their personal device for work, with 10x faster work profile setup. We’ve even reduced the enrollment steps required so users can get their work profile set up with a single tap—no complicated instructions required.

Robust security that stops malware in its tracks

We continue to invest in Android platform security, giving IT more advanced capabilities in  managing their fleet of devices. With Project Treble in Oreo, we’re improving security by separating the underlying vendor implementation from the core Android framework. This modularization isolates each hardware abstraction layer (HAL) into its own process so each HAL only gets the hardware driver and kernel access it needs. This improves sandboxing and makes it harder for framework compromises to exploit the kernel.

We’re also enabling stricter enforcement of Google Play Protect, our always-on security service that scans for malware and blocks potentially harmful apps. Now, admins can block unknown or risky apps from being installed across the whole device, outside the work profile. We’re also providing new APIs to enable administrators to verify the security posture of their fleet including details on which apps are installed.

With the inclusion of secure password reset, it’s now easier for admins to securely help users recover from forgotten passwords on fully encrypted devices. Admins can also enable network logging for corporate-owned devices to record DNS lookups and TCP connections, helping companies detect suspicious network behavior or remotely debug problematic apps.

Improved privacy and transparency

It’s important for employees to have visibility into management policies, particularly when considering a device for personal use. To help employees stay informed, we’ve made it easier to see management actions taken across the device, such as the installation of a new app or enforcement of a lock screen. We’ve also improved notifications for connectivity changes, like always-on VPN and network logging.

These are just a few of the new and improved enterprise features in Android Oreo, with more updates coming soon. To learn more, check out the What’s new in Android 8.0 page.

Android zero-touch enrollment: seamless and secure enterprise deployment


Companies around the world deploy Android to mobilize employees and transform their businesses. No matter the use case, we know that a successful deployment is about more than just selecting the right devices; it's about getting them configured and rolled out into the hands of users as quickly and easily as possible.

Today we’re launching a new deployment method called zero-touch enrollment to make Android rollouts more seamless and secure. With zero-touch enrollment, companies can configure the devices they purchase and have them shipped with management and settings pre-configured, so employees can get up and running out of the box.

Zero touch pixel demo

For administrators, zero-touch enrollment removes the need for users to configure their devices manually and ensures that devices always have corporate policies in place. Support is also much easier, with no extra steps for end-users; they just sign in and get access to their work apps and data.  

Zero-touch is available on devices purchased from our zero-touch carrier partners, and we’re excited to partner with Verizon to offer zero-touch enrollment on the Pixel, phone by Google, starting today.

“For our business customers, deploying new devices and services securely with the ability to enforce device-specific policies is critical for protecting proprietary information and an organization's brand,” says Ryan O’Shea, vice president of National Business Channels with Verizon Wireless. "The Android zero-touch enrollment program allows our business customers to get up and running seamlessly and securely, and we are excited today to introduce this initiative on the Pixel phone and other future Android devices.”

We’re working with our device partners including Samsung, Huawei, Sony, LG Electronics, HMD Global Oy Home of Nokia Phones, BlackBerry smartphones, HTC, Motorola, Honeywell, Zebra, and Sonim with additional OEMs to be added soon to deliver the zero-touch experience to enterprises. The Huawei Mate 10, Sony Xperia XZ1 and XZ1 Compact specifically will be among the first devices to support zero-touch in the coming weeks and of course, other devices from our OEM partners will launch soon.

Organizations can use software from leading enterprise mobility management providers (EMMs) including VMware AirWatch, BlackBerry, MobileIron, IBM, SOTI, GSuite and others to specify configurations and device policies that are automatically applied to employees’ mobile devices during the initial setup.

If your company already uses other enrollment methods, don't worry — you can mix enrollment methods to suit your particular needs. Samsung will continue to offer Knox Mobile Enrollment (KME) on Samsung devices, including pre-Oreo devices. Samsung devices that upgrade to, or ship with, Android Oreo will have zero-touch as an additional option. Other existing enrollment methods like QR code and NFC bump will continue to be supported across Android.

Keen to get started with zero-touch? Talk to our carrier partners who plan to offer zero-touch:


  • USA: Verizon, AT&T, Sprint, T-Mobile

  • Europe: BT, Deutsche Telekom


  • Asia-Pacific: Softbank, Telstra


To learn more, visit our zero-touch page.

2 new white papers examine enterprise web browser security

Online security has never been more critical to businesses, and the tools used to access the web are a major factor to evaluate. Choosing an enterprise-grade web browser that offers the right security features and  keeps businesses’ data protected while enabling employees to take advantage of the open web. But knowing which browser to choose often requires a deep  understanding of security design and implementation tradeoffs that enterprise IT decision makers don’t have the time or resources to fully identify and investigate. Furthermore, well-researched, independently-verifiable data on enterprise browser security is in short supply. And in its absence, many IT administrators resort to guesswork and experimentation in their decision-making.

This complex landscape of enterprise browser security is the topic of two white papers recently published from security engineering firms X41 D-Sec GmbH and Cure53. Both firms have extensive industry experience and expertise in information security, application security, web application security and vulnerability discovery. These two papers leverage that expertise to examine the relative security strengths of the three most popular enterprise browsers: Google Chrome, Microsoft Edge, and Microsoft Internet Explorer (IE).


We sponsored this research, which was conducted independently by the research firms, to help enterprise IT administrators evaluate which browser best fits their security and functionality needs. To be most useful for enterprises and the public, Cure53 and X41 performed their research and testing using only publicly available information, and clearly documented their comparison methodologies. This enables anyone to recreate their tests, validate their methodologies, and verify their conclusions.

Although Cure53 and X41 produced these white papers in isolation from each other, both came to similar conclusions when it came to enterprise browser security. Here are their findings in a few key areas:


Phishing and malware protection is critical to staying safe on the web.

The prevalence of phishing to steal credentials and deliver malicious payloads makes protection more critical than ever. X41 found that Safe Browsing on Chrome and SmartScreen on Edge and IE offered similar protection, with Safe Browsing performing more accurately than SmartScreen in some test results.


Isolating application components through sandboxing reduces risk.

Sandboxing isolated application components from one another, and from the rest of the system, limits the potential impact of vulnerabilities. Cure53 and X41 both found that Chrome renderers have significantly less access to the operating system than Edge or IE, including revoking access to win32k system calls in Chrome renderers and plug-in processes. Cure53 and X41 also found that Chrome has more types of sandboxed processes, for finer-grained privilege separation. Edge uses out-of-process JavaScript compilation, enabling Edge content processes to drop the privilege to create executable memory.


Modern browsers that eliminate legacy functionality are more secure.

Browser Helper Objects (BHOs) and plug-ins like ActiveX have been a go-to choice for client-side attacks. Cure53 and X41 found that Chrome and Edge do not support these vulnerable technologies. IE supports both, making it more susceptible to attack than either Edge or Chrome. Additionally, Cure53 and X41 found that IE is still vulnerable to attacks via signed Java Applets, and more susceptible to malicious Flash content. While Chrome and Edge can both be configured to fall back to IE to support legacy compatibility, administrators can exert more control over Chrome’s fallback mechanism.

Web security is one of Google’s primary concerns, and has been a guiding principle for Chrome since day one. We’re pleased that these papers independently confirm significant improvements in the enterprise browser security landscape overall. We think strong security safeguards, regardless of which browser you choose, make the web better, and safer, for everyone. We hope these white papers can help you find the right solution for your business.

Take a read through the white papers linked above to learn more about their findings. If you’d like to take a deeper look at the security controls available in Chrome or download the Chrome enterprise bundle, visit the Chrome enterprise website.