Google has made a subtle change to the admin console in its Chrome browser, which is used in enterprise environments to help set policies for employee use, which will allow administrators to force users to browse in ephemeral mode.

The change won’t have any effect on typical individual users who run Chrome in an unmanaged environment, such as a home machine or enterprise that doesn’t use the admin console. But for administrators in environments where they’re managing a lot of users running Chrome, the ability to force ephemeral mode is a helpful tool in the fight against data loss and other security problems.

Ephemeral mode is a function that allows users to browse the Web on a shared device or a personal laptop by using a profile that won’t save any data or history after the browser is closed. The profile is saved to the machine’s disk and the user has the ability to sign in to Chrome Sync, but once the user closes the browser at the end of the session, the profile is destroyed.

“If Google Chrome Sync is enabled, any changes that the user makes to the browser’s settings or to their Chrome data (such as bookmarks, history, apps etc.) during an ephemeral session will be saved for future sessions. The settings are saved in the user’s Google account in the cloud. If Google Chrome Sync is not enabled, any changes are lost when the user exits the browser,” Google’s documentation on the feature says.

Ephemeral mode is somewhat similar to incognito mode, a feature of the Chrome browser that enables users to browse without any personal settings or without Chrome saving cookies, history or any other identifying information. But there are a few key differences between ephemeral and incognito modes. Most importantly, a user has the ability to choose when or if to use incognito mode.

With ephemeral mode, administrators set that as a policy on a global basis. Also, in ephemeral mode, users have access to their Chrome settings and bookmarks through Chrome Sync. Incognito mode does not allow users to access personal settings.

Despite the advantages that ephemeral mode provides, it does still count on the user for some of it.

“When ephemeral mode is set at the user level in the Google Admin console, it relies on the user to sign in to Chrome for sync benefits and for the policy to take effect. The policy should only be used on devices that the user trusts and that are compliant with other corporate policies.” Google says.

 

Categories: Privacy