Will Google Chrome OS Security Be Tough Enough?

1 of 6

Will Google Chrome OS Security Be Tough Enough?

by Brian Prince

2 of 6

Locking Down the OS

Given that the focus is on supporting cloud applications, this should come naturally. By turning Google Chrome OS into a "toaster" and running primarily—if not only—Web apps like Google Docs and Picasa, Google can substantially reduce the attack surface, noted Scott Crawford, an analyst with Enterprise Management Associates.

3 of 6

Dealing with Plug-ins and Add-ons

Google could take an Apple iPhone App Store approach to plug-ins or add-ons, Gartner analyst John Pescatore said, and have a certification/vulnerability assessment vetting process rather than just letting any piece of software plug in.

4 of 6

Encrypting Data

Google could build in native support for encryption of any data stored through the browser, whether locally or in the cloud, said Pescatore.

5 of 6

Playing in a Sandbox

Google could implement a feature like SELinux, which adds mandatory access control to Linux. This would allow the OS to sandbox malicious processes to prevent them from infecting the rest of the system, said Forrester analyst Andrew Jaquith.

6 of 6

Focus on Securing the Browser

If most of the way the user interacts with the system or applications is through the browser, Google needs to put a focus on ensuring that its Chrome browser is secure, said Jaquith.