Source: Admin Insider: What’s new in Chrome Enterprise, Release 70 from Google Cloud
Here’s a look at the changes and features in Chrome 70 most relevant to enterprise admins. For the full list and more detailed descriptions, be sure to read the release notes, and sign up to receive future release notifications.
More time for enterprises to move away from third-party software code injection
We’ve been talking about the stability benefits of moving away from third-party software that injects code into Chrome processes since late last year. In Chrome 69, we announced plans to block third-party code for all users. However, based on feedback from our enterprise customers, we will take a phased approach to support this transition.
In Chrome 70, only non-enrolled devices will have third-party code blocked by default. Domain-enrolled enterprise devices will not be blocked by default until in Chrome 71, giving enterprise customers more time to modify their workflows if they still use software that injects code into the browser processes.
Increased control over sign-ins
We recently made changes to simplify the way Chrome handles sign-in, however we heard your feedback and have made a few updates in Chrome 70 to offer more control over the experience.
Starting in Chrome 70, the BrowserSignin policy will control the new “Allow Chrome sign-in” setting for users. It will allow you to specify if the user can sign-in to Chrome with their account and use account related services like Chrome Sync.
We’re also introducing the “Sign-in Within the Browser” setting in the Google Admin console. This will allow you to restrict which domains users can use to access Google products like Gmail or G Suite. This could, for example, offer control over whether employees can sign into their personal Gmail accounts on a corporate-owned Chromebook.
Final deprecation of trust in Symantec Certificates
Last September we announced our plan to remove trust in Symantec’s infrastructure in order to uphold users’ security and privacy when browsing the web. Chrome 70 will be the final stage in this process by removing trust in Symantec’s old infrastructure and all of the certificates it has issued. Site operators are strongly encouraged to replace affected certificates as soon as possible in order to avoid site breakage.
Improved secure communication on the Internet with TLS1.3
Secure communication on the Internet is made possible through a protocol called Transport Layer Security (TLS). To support the latest security standards, we’re introducing the final revision of TLS 1.3, a protocol with a simpler, less error-prone design than TLS 1.2. We previously experimented with earlier drafts of the standard and are excited to ship this final standard in Chrome. You can read more about this modernization here.
Improved support for SMB File Shares on Chrome OS
In order to create an improved experience for our Windows users, support for SMB File Shares are now native on Chrome 70. Users can now add SMB shares directly via the Files app with no additional extension. This gives users easier access to SMB files.