Digital Guardian announced that its Data Loss Prevention (DLP) offering supports content inspection and policy enforcement for Google Chrome 68.
In late 2017, Google made a decision to disallow 3rd party software code injection into the Chrome browser beginning in July 2018. Google made this decision to ensure bad actors could not gain access to private information and improve the Chrome user experience.
However, despite these reasons, the decision means some agent-based information security solutions can no longer perform core functions that once relied on Chrome browser injection, which leaves gaps in many organizations’ cybersecurity defenses.
Companies like McAfee disclosed their endpoint DLP products will no longer be able to inspect web uploads and/or block sensitive data upload when the Chrome browser is being used; Digital Guardian, however, can still support those key DLP functions.
Digital Guardian understood the impact of Google’s decision and engineered a way to preserve DLP functionality for Chrome users. Digital Guardian’s approach is able to connect file information, such as the sensitivity, location, and file type, with the transmission destination, such as an unauthorized external site.
This provides security professionals with the ability to fully manage the risk of data loss, all done without the need for injection and therefore eliminating the potential for conflicts.
As of May 2018, Chrome commands over 60 percent of the desktop/laptop browser market. Internet Explorer was ranked second, and has about 12 percent of the market. Therefore, being able to support Chrome 68, and future releases, was critical for Digital Guardian.
“We applaud Google for taking the steps to secure its browser by blocking third party code injection,” said Tony Themelis, vice president of product management, Digital Guardian.
“We also appreciate Google announcing this move in November 2017 as our engineering team was able to innovate our DLP offering to still support critical data protection functionality in Chrome even with Google’s new no-injection policy. Securing our customers’ data is paramount and our mission is to provide the highest level of protection regardless of where sensitive data resides.”