Source: Admin Insider: What’s new in Chrome Enterprise, Release 71 from Google Cloud
Here’s a look at the changes and features in Chrome 71 most relevant to enterprise admins. For the full list and more detailed descriptions, be sure to read the release notes, and sign up to receive future release notifications.
A better SMS experience with the Android Messages progressive web app on Chrome OS
To provide a seamless SMS experience on Chromebooks, we launched the new Android Message progressive web app (PWA) to augment the Android Web Messages experience for Chromebook users. With the new Android Message PWA, users can use an app to get background notifications, reply and start new SMS messages—even when the app is closed.
More control over printing in Chrome OS
Further improvements have been made to our printing functionality to give enterprises even more granular control. Administrators can now restrict users to 1-sided or 2-sided printing with Chrome OS native printand users will not be able to change the settings on their device. Also new in printing is the ability to render multiple pages into a grid on a single sheet of paper—now available for all printing destinations.
Site Isolation: now on by default for enterprises
Site Isolation is a security feature that provides additional protection against some types of security bugs and makes it harder for untrustworthy websites to access or steal information from your accounts on other websites.
The policies which control Site Isolation were enabled by default for consumers in Chrome 67 as part of our continuous security improvements, but were still optional for enterprises. Now, in Chrome 71, we are continuing the rollout of this feature by turning the Site Isolation Policy on by default for everyone, including enterprises. Additionally, these policies can now be found on the admin console for Chrome on Android.
Increased security with default PAC URL stripping
PAC URL Stripping improves security by stripping the privacy- and security-sensitive parts of an https:// URL before passing it on to a PAC (Proxy Auto Config) script, reducing the chance that sensitive information is unnecessarily exposed.
To date, this policy has been disabled by default (set to False), though the recommendation was to enable it (set to True). However from Chrome 71, the policy will be enabled by default, meaning all https:// URLs will be stripped before submitting them to a PAC script.
This change may impact enterprises where the PAC script depends on anything other than the scheme, host, or port of incoming URLs. To determine whether this change impacts your business, check therelease notes. The policy will be removed entirely in a future release of Chrome as part of our continued security improvements.