Welcome to the second part of this two-part blog series for administrators who are new to the Chromebook enterprise system. In the previous blog, we discussed settings that are applicable to users and applications. In this blog, we will further explore the Chrome enterprise admin panel as we look into settings that pertain to privacy and physical devices.

Device Settings

Device settings apply to the physical Chromebook device. They are enforced no matter which user is logged in. All entries discussed in this section can be found by navigating to the Device Settings area in the G Suite Admin console via the following steps:

  1. Visit https://admin.google.com and log into the Chrome Admin panel.
  2. Select Devices from the home page.
  3. Expand the Chrome entry within the left navigation.
  4. Expand the Settings entry under the Chrome entry.
  5. Select Device under the settings entry.

Enrollment and access – Forced re-enrollment

This setting will vary by your organizational needs. You may wish to ensure that devices automatically enroll or enroll with credentials upon wiping, which can help track lost or stolen devices. However, in a Bring Your Own Device (BYOD) scenario, you may need to allow devices to be wiped and re-used with personal accounts.

Sign-In settings – Guest mode

By default, Guest mode is allowed, which allows access to the device circumventing any user policies or Chrome management extensions you may have force-installed. Set this value to Disable guest mode.

Privacy Settings

These settings are related to privacy and can be found mixed within the previously discussed sections. While not strictly related to security, altering these settings can reduce disclosure of sensitive information whether it be corporate or user data.

User & Browser Settings – Security: Browser History

Here you can chose to Never save browser history if your organization (Read more...)