new | ask | show | jobs
lokar 2 hours ago  [ - ]

Is it not:

https://knowledge.workspace.google.com/admin/security/create...

The Org admin can put all sorts of restrictions on who can do what based on the client device setup.

whateverboat 2 hours ago  [ - ]

Unrelated to this news, but this is so rudimentary, when the correct solution instead is:

1. Make it ridiculously easy to install hardware vendor keys and register it with OS of choice. (like a standardized dialog box in UEFI and a standardized/regulated IPMI-like interface)

2. Allow for only measured boot on those devices.

3. Provided facility to verify signatures.

Do this on consumer and enterprise laptops and desktops alike and all of these weird set of conditions just go out of play and replaced by something much much simpler.

saagarjha 2 hours ago  [ - ]

Why is there a policy to require “Chrome” and not a policy to require another browser, hmm?

insanitybit 2 hours ago  [ - ]

Google offers "Managed Chrome" as a service. What would you like them to do, offer "Managed Firefox"? Should AWS offer "Managed GCP"?

saagarjha an hour ago  [ - ]

I don’t think Google should also offer a product that detects “managed Chrome”

eli an hour ago  [ - ]

I don't think Google should also be allowed to remain in charge of Chrome at all but here we are.

insanitybit an hour ago  [ - ]

Uh, why? Context Aware Access is a policy attestation service. Managed Chrome is exactly the sort of thing you'd have policies for.

Macha 2 hours ago  [ - ]

Because Google is able to configure Chrome to the admin's liking.

 2 hours ago  [ - ]
[deleted]
Tostino 2 hours ago  [ - ]

"wow look at all these options available...to limit users to only use software provided by the same corp" you are missing the point entirely.