Delivering better government services at lower costs with Chrome

Editor’s note: Today’s post comes from Vijay Badal, Director of Application Services of DOTComm. Founded in 2003, DOTComm provides centralized IT support and consulting for 70 government agencies in the city of Omaha and Douglas County, NE. DOTComm uses Chrome browser and G Suite to improve employee productivity and mobility and cut IT costs.

At DOTComm, our employees provide technical support for more than 5,000 government workers throughout Omaha and Douglas County. Because these workers are spread across 120 different locations, our employees need access to the tools they need to do their jobs whether they’re in the office or on site with our customers. Several years ago, we realized the legacy systems we were using were getting in the way.

When employees had to travel to provide technical support for the government agencies we serve, they didn’t have mobile access to important documents, or the ability to share and send files back to the office, such as videos that outlined technical issues. In addition, hardware and licensing were costly, and inflexible productivity applications were making it difficult for employees to collaborate or work from the road. Plus, we needed half a dozen employees just to maintain our infrastructure!

To solve these challenges, we turned to Chrome and G Suite. Chrome is fast, secure and gives our staff access to thousands of useful extensions. It’s also allowed us to standardize across our desktop and mobile devices. G Suite has helped us cut hardware costs and improve collaboration and mobility. With Chrome and G Suite, we no longer pay thousands of dollars in annual licensing fees, and we’ve reduced the number of people managing infrastructure from six to one, freeing up the other five people to work on different tasks.

Chrome’s extensions have been big productivity boosters. One extension syncs the staffs’ Google calendars with their Salesforce calendars. Previously, employees had to check two separate apps and cross-reference two separate calendars. Now they only need to check one. Another extension gives staff mobile access to Google Docs and Google Sheets. This means they can work nearly anywhere. When they’re out of the office, or in the field, they can create and share files on any device they need.

As an IT department, we’re particularly pleased with the security and other IT benefits we get with Google. Chrome has built-in malware and phishing protection, and we use the G Suite admin console to ensure all user downloads are stored on the same network drive so they can be checked for malware. The G Suite admin console lets us control Chrome settings for employees, including adding extensions on whitelists so employees can use them, pushing recommended extensions to users, and rolling out Chrome updates on a scheduled timeframe. That’s made our IT administrators’ lives much easier and has been a huge timesaver. And because we centrally manage the rollout of extensions for new employees, individual city and departments no longer need to have a dedicated IT person working on new hire application orientation. So we save time and money with each new hire.

Meanwhile, the number of help tickets for IT support has plummeted, from 30 a day to one or two. For example, we no longer have to deal with local archive files, which means our staff spends less time troubleshooting and the government employees we serve don’t waste time wrestling with unfamiliar technology. Productivity has increased as well. For example, City Police, City Fire, and County Health departments all use shared Google Sheets within their individual precincts for shift change management. This allows them to roll over shift changes swiftly and efficiently, without missing any critical ongoing task assignments.

Chrome browser and G Suite have allowed us to offer more secure and productive IT services to all City of Omaha and Douglas County employees, who are then able to better serve citizens. DOTComm and the City of Omaha were recently honored as one of “Top 10 Cities” by the Center for Digital Government in its Digital Cities Survey 2016, which recognizes cities that use technology to improve citizen services, enhance transparency and encourage citizen engagement. This marked the first time the City of Omaha made the list—but I predict it won’t be the last now that we’re using Chrome browser and G Suite.

Two new white papers examine enterprise web browser security

Online security has never been more critical to businesses, and the tools used to access the web are a major factor to evaluate. Choosing an enterprise-grade web browser that offers the right security features keeps businesses’ data protected while enabling employees to take advantage of the open web. But knowing which browser to choose often requires a deep  understanding of security design and implementation tradeoffs that enterprise IT decision makers don’t have the time or resources to fully identify and investigate. Furthermore, well-researched, independently-verifiable data on enterprise browser security is in short supply. And in its absence, many IT administrators resort to guesswork and experimentation in their decision-making.

This complex landscape of enterprise browser security is the topic of two white papers recently published from security engineering firms X41 D-Sec GmbH and Cure53. Both firms have extensive industry experience and expertise in information security, application security, web application security and vulnerability discovery. These two papers leverage that expertise to examine the relative security strengths of the three most popular enterprise browsers: Google Chrome, Microsoft Edge, and Microsoft Internet Explorer (IE).

We sponsored this research, which was conducted independently by the research firms, to help enterprise IT administrators evaluate which browser best fits their security and functionality needs. To be most useful for enterprises and the public, Cure53 and X41 performed their research and testing using only publicly available information, and clearly documented their comparison methodologies. This enables anyone to recreate their tests, validate their methodologies, and verify their conclusions.

Although Cure53 and X41 produced these white papers in isolation from each other, both came to similar conclusions when it came to enterprise browser security. Here are their findings in a few key areas:

Phishing and malware protection is critical to staying safe on the web.

The prevalence of phishing to steal credentials and deliver malicious payloads makes protection more critical than ever. X41 found that Safe Browsing on Chrome and SmartScreen on Edge and IE offered similar protection, with Safe Browsing performing more accurately than SmartScreen in some test results.

Isolating application components through sandboxing reduces risk.

Sandboxing isolated application components from one another, and from the rest of the system, limits the potential impact of vulnerabilities. Cure53 and X41 both found that Chrome renderers have significantly less access to the operating system than Edge or IE, including revoking access to win32k system calls in Chrome renderers and plug-in processes. Cure53 and X41 also found that Chrome has more types of sandboxed processes, for finer-grained privilege separation. Edge uses out-of-process JavaScript compilation, enabling Edge content processes to drop the privilege to create executable memory.

Modern browsers that eliminate legacy functionality are more secure.

Browser Helper Objects (BHOs) and plug-ins like ActiveX have been a go-to choice for client-side attacks. Cure53 and X41 found that Chrome and Edge do not support these vulnerable technologies. IE supports both, making it more susceptible to attack than either Edge or Chrome. Additionally, Cure53 and X41 found that IE is still vulnerable to attacks via signed Java Applets, and more susceptible to malicious Flash content. While Chrome and Edge can both be configured to fall back to IE to support legacy compatibility, administrators can exert more control over Chrome’s fallback mechanism.

Web security is one of Google’s primary concerns, and has been a guiding principle for Chrome since day one. We’re pleased that these papers independently confirm significant improvements in the enterprise browser security landscape overall. We think strong security safeguards, regardless of which browser you choose, make the web better, and safer, for everyone. We hope these white papers can help you find the right solution for your business.

Take a read through the white papers linked above to learn more about their findings. If you’d like to take a deeper look at the security controls available in Chrome or download the Chrome enterprise bundle, visit the Chrome enterprise website.