‘Endpoint Verification’ extension reports basics of devices’ security posture
Google’s new PC-snooping ‘Endpoint Verification’ Chrome extension
Google’s released a Chrome extension that lets admins snoop on the state of PCs accessing its cloudy productivity and infrastructure products.
The “Endpoint Verification” extension works on Chrome OS, MacOS or Windows devices. The latter two platforms need a “native helper” too.
Once installed, the software lets admins create an inventory of devices that can access their G Suite, Google Cloud Platform and Google Cloud Identity accounts.
The Extension also reports on OS version, screen lock status, whether disk encryption is enabled and a few other factoids.
Google’s decided the world needs this extension because bring your own device makes it hard to know just who can touch its cloud services, and with what kit. It’s billed as a reporting tool, not a more comprehensive mobile device management (MDM) suite because Google reckons those can be “difficult to deploy and maintain.”
The subtext here is that MDM is also overkill for some users, who just want to know what’s out there and if it’s in a fit state to reach their cloudy resources.
It’s hard not to like Google’s intention here, as device inventory is a perennial problem and with more and more important stuff being in the cloud it’s important to know who can access it. But Endpoint Verification is very much a minimalist service as it does not offer a way to reach out and touch a device if it’s found to be in a less-than-ideal state. Which leaves admins needing to restrict accounts if devices fall into unsatisfactory states. ®