Long story short: Endpoint Verification is typically used to get device attributes. It's a Chrome extension that collects data on the devices logged in to your organisational Google Account. Specifically, when endpoint verification is installed, your Chrome browser is open, and you're signed in with your managed Google Account, your administrator can see:
- Your device ID, serial number, type, and operating system.
- Your name and managed email address.
- The first and last time your computer synchronized work data, including any encryption and if the device has a password.
- Whether your device follows your organization’s policies (Chrome devices only).
Update: if you're a visual learner, you may want to hear the Cobry team discuss endpoint verification over a team meeting. If not, read below!
What is Endpoint Verification, and why is it important? Endpoint Verification allows Google Workspace admins to see corporate device status’, including Operating System, Device type, and User information.
As well as covering Google Workspace’s Endpoint Verification solution below, our previous blogs address the other aspects of managing corporate devices and data through Mobile Device Management and Chrome Device Management, which are both also included in Google Workspace.
Google is an organisation that was built in the cloud and has had security in mind from day one. This is evident when looking into its structure, technology, operations and its approach to customer data. The robust security infrastructure and systems have become the default for each and every workspace customer.
What is Endpoint Verification?
As mentioned, Endpoint Verification is a tool provided by Google Workspace that allows administrators to view information about devices that are accessing corporate data. To use Endpoint Verification in your organisation, you first need to install and be using Workspace in the Chrome Web Browser.
Once the technical configuration is complete and all devices are registered, admins will be able to see the below information:
- Device ID, serial number, device type, and operating system.
- Username and email address.
- The first and last time devices synchronized corporate data.
- If devices are encrypted and have a password.
- For devices running Chrome OS, admins can also see whether devices adhere to organization policies.
While corporate devices are the key to employee productivity, they can also be a weak link when it comes to application and data security if not properly managed.
Endpoint Verification gives admins an overview of the security posture of their laptop and desktop devices. This provides a great platform for maintaining security across the organisation. The tool is available to all Workspace Business and Workspace Enterprise customers and integrates with ChromeOS, macOS, Linux, Windows, iOS and Android devices.
Admins can tag endpoint devices running Chrome as approved or blocked as well as using the tag to configure access levels. They can also decide whether an additional review is needed for newly registered endpoint verification devices before they’re tagged as approved.
You can then view the entire inventory of devices that have access to corporate data. From there, admins can approve or block access to specific devices based on any internal criteria. Examples include lost devices, which can now be ‘blocked’ from accessing apps or approving new users who need to access applications as their job titles shift. Email notifications can also be set up for when a device is registered but needs admin approval.
Some of Google Chrome’s standard security features include Safe Browsing, sandboxing, and automatic updates to ensure that users are always protected from the latest viruses, malware, phishing attacks, and malicious sites.
Google Workspace admins can deploy Google Chrome across their organisation and customise it to their requirements. There are over 280 policies available to help admins control how Chrome is used across all devices. For example, automatic updates can be scheduled to get the latest security fixes, block or allow specific apps and websites, as well as configure support for legacy browsers.
Windows 10 Desktop Management
Enhanced desktop security for Windows allows you to manage and secure Windows 10 devices through the Workspace Admin console. It also enables Single Sign On (SSO) to allow users easy access to Workspace and other connected apps on Windows 10 devices.
Google Workspace admins can:
- Enable use of existing Workspace credentials to login to Windows 10 devices, and access apps and services with SSO
- Protect user accounts with anti-phishing, anti-hijacking, and suspicious login detection technologies
- Ensure that all Windows 10 devices used to access Workspace are updated, secure, and within compliance
- Perform admin actions, such as wiping a device and pushing device configuration updates to Windows 10 devices from the admin console
As official Google Cloud Partners, Cobry has deployed Workspace and configured Endpoint Verification for organisations of all sizes throughout Scotland and across Europe.
If your organisation is considering making the move to Workspace, or has already set up their account but would like some help with device management or any other aspects of Workspace, please get in touch via the form below or book a discovery call – we would be delighted to have a chat.