如何设置边缘铬安全选项

我是CSO在线的苏珊·布拉德利。你还在办公室里使用Internet Explorer作为商务浏览器吗?对于那些运行Windows 7的人，我想让你们看看即将推出的测试版。微软的Edge现在将基于chromium引擎，而不是斯巴达引擎。因此，它将与您现在使用的网站更兼容。此外，它预计比你目前在Chrome上使用的任何扩展都能与Edge浏览器兼容。攻击者通常使用浏览器进入系统，通过使用硬盘，在你的办公室有人进入一个网站，横幅广告或其他东西滴下攻击你的系统。通常他们只是碰巧访问了一个带有恶意代码的网站。有一个自动执行的脚本，如果他们发现系统上有漏洞或者文件，他们就会攻击操作系统。如果利用成功，有时会给对手充分的权利，您的系统。 Often a drive by compromise is blended with other attacks to raise rights on the system. So for example if the user is running with non admin rights a blended attack will use both the drive by compromise and some other exploit in order to raise rights on the system. So how do we keep ourselves safe from these attacks? Obviously we want to make sure we have a very secure browser and we want to keep it up to date. Internet Explorer and Windows 7 is not that browser. But let's take a look at Edge on Chrome. As you can see from the site not only is going to be available for Windows 10 it's also going to be available for older systems as well. For those of you in enterprise that will have the extended security patches for Windows 7. Edge will be available to download on these systems. For those of you in enterprises that use group policy you'll note that the policy file will be able to be used with this edge based on the chrome engine. This is not a complete list at this time but here's some of the features and things you can control the group policy with the upcoming Edge browser. One specific control actually allows you to control the extensions. This can be a key feature to keeping your network and your users safe. The chrome extension ecosystem isn't exactly the most secure in the world. About 50 percent of all chrome based extensions have fewer than 16 installs. The ecosystem of chrome extensions isn't as robust as it could be. That's why as a network administrator you want to make sure that you choose which ones are appropriate in your firm and only allow those. And this setting can be done either group policy, via a Windows registry setting and later on will also be included in intune and mobile device management. So I recommend now for you to download and take a look at the edge beta. And also take a look at the Chrome extension ecosystem and decide ahead of time which chrome extensions you allow inside your firm. Taking a little bit of time now to understand and determine which browser extensions are allowed and not allowed will help and go a long way to keep your network safe and secure. Until next time. This is Susan Bradley for CSO Online. And remember to sign up for the tech talk from IDG on the new YouTube channel. Protect news of the day. See you next time.