Pro Tips with Esben #33
Continuing with cybersecurity month, we're going to look at Google Chrome. Browsers are often one of the last lines of defense when it comes to users accidentally downloading the wrong thing or clicking a malicious link.
Google Chrome has been the most popular browser for quite some time now. Currently, it's still close to having a 70% market share on desktops meaning it is by far the most used browser.
Browsers have also become much more customizable, allowing you to create custom additions known as extensions. While useful, they can also be dangerous as the wrong extension can spy on web usage or worse. Making sure that users cannot install whatever extension they want is key to ensuring the safety of your IT environment.
Google Chrome Group Policies
Luckily Google provides group policies you can easily start using straight away allowing you to control your Chrome installations. For Extensions specifically, there are the following group policies:
Whether you want to block specific extensions, allow specific extensions, or want to automatically install specific extensions (like uBlock Origin) to help and protect end users better, it is all possible. A big upside is that all of the documentation includes registry key locations, so you can even scan the settings using Lansweeper's custom registry scanning.
As an example, I've created a report for the ExtensionInstallBlocklist group policy. But you can adjust this for any of the listed group policies by changing the registry key path in the report (and adding it to your scanning).
Scanning Chrome Extensions
Aside from creating group policies, you might also want to know what extensions are installed. Unfortunately, Lansweeper doesn't allow general scanning of Chrome extensions. But we can scan individual extensions using the same registry scanning.
Extensions can be found in the following registry key locations:
A new key will be created for each extension using the Chrome Web Store ID. You can easily find the ID in the URL: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
One big sidenote is that since the registry key is located in HKEY_CURRENT_USER, you must scan the device when the user you want the data from is logged in. Otherwise, the results will not be accurate.
Once you've configured which extensions you would like to scan, you use this template report and simply adjust the "
tblRegistry.Valuename" values to report on your installed extensions.
Technical Product Evangelist at Lansweeper Maximizing IT Asset Management proficiency by empowering end-users to take full advantage of their toolset.