How Secure Are Chromebooks?

Chromebooks are netbooks running Chrome OS, Google’s Linux-based Operating System. Operating more like a tablet or smartphone operating system than a traditional Windows or Apple laptop, the Chromebook’s ‘baked-in’ security makes them one of the most secure portable computing options around.

Out of the box, a Chromebook includes the following security features designed to protect the device itself and the data it holds:

Verified Boot
When the Chromebook boots it performs a self-check to make sure the system hasn’t been modified or corrupted in any way, and will automatically repair itself if it detects anything out of the ordinary. This means that if any malware or otherwise does change or attempt to modify the system files, the Chromebook will pick this up and return to normal on every boot.

Automatic Updates
Updating Chromebooks happens automatically ensuring they always run at the latest, and most secure version of the Operating System. This means that enhancements and security fixes are installed as soon as they are available, with no user input needed.

Sandboxing
When you open an application or even a web page on a Chromebook, it runs in an isolated environment called a ‘sandbox’. This means that if an application or website is infected, it is only that application or browser tab that is affected- the malicious software cannot escape the sandbox to attack any other application or web page.

Encryption
All Chromebook data is encrypted by default. This means that only the user that the data belongs to is able to access it, and the data is safe even if the local disk is removed and attached elsewhere.

Trusted Web Apps
Unlike Windows or Apple Operating Systems, it is not possible to just install software onto a Chromebook. All software must be installed in the form of a ‘Web App’ from Google’s trusted web store, which means it’s much harder for malicious software to find it’s way onto your device.

Guest mode
A Chromebook can also be operated in Guest Mode, a form of ‘Kiosk’ setup that gives stateless access to the Chromebook. Each Guest mode session starts with no web apps installed (nor can any web apps be installed) and Guest users have no access to any other data on the Chromebook. Once the Guest session has ended, all data from the session is wiped without trace. This means that Chromebooks are ideal for sharing without risk of data being compromised.

Although gaining in popularity, Chromebooks are still far less prevalent than Windows or Apple computers and as such are less of an attractive target for cyber criminals to attack- the above security features also act as further deterrent. For context, since launch in 2010 to the end of 2019 Chrome OS has only been affected by 55 security flaws, compared with over 1100 flaws affecting Windows OS in the same timeframe, and 2200 affecting Apple OSX in it’s 20 year lifespan.