{"id":31378,"date":"2023-03-09T13:04:30","date_gmt":"2023-03-09T11:04:30","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/disable-browser-sync-enterprise\/31378\/"},"modified":"2023-03-09T13:04:30","modified_gmt":"2023-03-09T11:04:30","slug":"disable-browser-sync-enterprise","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/disable-browser-sync-enterprise\/31378\/","title":{"rendered":"Disable browser synchronization in the office"},"content":{"rendered":"<p>Storing corporate and personal information, accounts, and files on separate devices is one of the most popular (and effective!) tips for information security. Many companies set this as a mandatory requirement for all employees. A natural extension of such a policy is prohibiting data sharing between work and home computers via services like Dropbox, and recommending against registering personal accounts (for example, in online stores) with a work e-mail address. Often, neither users nor administrators consider another place where home and work intersect \u2014 in web browser settings.<\/p>\n<p>Suggestions to enable Chrome browser synchronization using a Google cloud account pop up from day one, and in fact, Chrome often enables it automatically after the user logs in to Gmail or Google Docs. In Firefox and Edge, syncing is less obtrusive, but it exists and is also offered. At first glance, having synced bookmarks is convenient and not risky, but attackers think otherwise, of course.<\/p>\n<h2>How browser synchronization can be risky<\/h2>\n<p>Firstly, your cloud profile contains quite a lot of information. In addition to a list of bookmarks and open tabs, browsers also synchronize passwords and extensions between computers. Therefore, attackers compromising an employee\u2019s home computer can gain access to a number of work passwords. And if a user installs a malicious extension at home, it will automatically appear on the work computer. These are not hypothetical attacks. 
It was password synchronization in Google Chrome that led to the <a href=\"https:\/\/blog.talosintelligence.com\/recent-cyber-attack\/\" target=\"_blank\" rel=\"nofollow noopener\">compromise of information-security giant Cisco<\/a>, while <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malicious-extension-abuses-chrome-sync-to-steal-users-data\/\" target=\"_blank\" rel=\"nofollow noopener\">malicious extensions disguised as corporate security<\/a> were used to steal OAuth authentication tokens.<\/p>\n<p>Secondly, malicious extensions can be used for <a href=\"https:\/\/isc.sans.edu\/forums\/diary\/Abusing+Google+Chrome+extension+syncing+for+data+exfiltration+and+CC\/27066\/\" target=\"_blank\" rel=\"nofollow noopener\">data exfiltration from an infected computer<\/a>. Because the Chrome browser communicates with Google\u2019s legitimate infrastructure here, an attack may go on for a long time without generating warnings from network defenses.<\/p>\n<h2>How to secure office computers against browser synchronization<\/h2>\n<p>System administrators have to take a number of measures to effectively address the threat posed by browser synchronization:<\/p>\n<ul>\n<li>Use browsers that support centralized security policy settings (Google Chrome, Firefox)<\/li>\n<li>At the security policy level, disable profile synchronization<\/li>\n<li>Again at policy level, prohibit saving passwords in the browser (a specialized password manager is preferable)<\/li>\n<li>If necessary, limit the installation of browser extensions to a list of trusted extensions, or prohibit it altogether<\/li>\n<\/ul>\n<p>Last but not least, <a href=\"https:\/\/k-asap.com\/en\/?icid=en-za_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kasap___\" target=\"_blank\" rel=\"noopener\">educate employees<\/a> well in advance. 
Explain why they should only use corporate browsers, and why they mustn\u2019t save passwords in the browser or synchronize bookmarks with their home computers. Allow some time for adaptation, and then apply the new policies. If for some reason an organization cannot implement corporate browser builds, employee training remains the key and only means of protection.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kasap\">\n","protected":false},"excerpt":{"rendered":"<p>It\u2019s common practice in many companies to keep work and personal information separate. But browser synchronization often remains unnoticed \u2014 and attackers are already exploiting it. <\/p>\n","protected":false},"author":2731,"featured_media":31379,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3020],"tags":[1853,1278,2141,16,2724,21,527,1146,1795],"class_list":{"0":"post-31378","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-tips","10":"tag-browsers","11":"tag-business","12":"tag-chrome","13":"tag-edge","14":"tag-firefox","15":"tag-hacks","16":"tag-risks","17":"tag-training"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/disable-browser-sync-enterprise\/31378\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/disable-browser-sync-enterprise\/25361\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/disable-browser-sync-enterprise\/20800\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/disable-browser-sync-enterprise\/27971\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/disable-browser-sync-enterprise\/25649\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/disable-browser-sync-enterprise\/26089\/"},{"hreflang":"es","url":"https:\/\/www.kasp
ersky.es\/blog\/disable-browser-sync-enterprise\/28537\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/disable-browser-sync-enterprise\/34836\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/disable-browser-sync-enterprise\/47460\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/disable-browser-sync-enterprise\/20312\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/disable-browser-sync-enterprise\/20930\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/disable-browser-sync-enterprise\/29904\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/disable-browser-sync-enterprise\/25960\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/disable-browser-sync-enterprise\/31671\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/browsers\/","name":"browsers"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/31378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/2731"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=31378"}],"version-history":[{"count":0,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/31378\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/31379"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=31378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=31378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2
\/tags?post=31378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}