Admin Insider: What's new in Chrome Enterprise, Release 68

If you’ve deployed Chrome Browser or Chrome OS in your business, you probably know that we update the platform roughly every six weeks with new features. To help you understand what these new features and enhancements mean for enterprises, we’ll be publishing regular updates to coincide with the latest Chrome Enterprise beta releases.

To kick things off, here are just a few of the new features available in Chrome Enterprise 68.

Alert users when they visit unencrypted sites.

Security on the web is more important than ever, and we want to do our part to keep businesses and users protected. As we announced in February, Chrome Browser will start to alert users that HTTP sites are “not secure” beginning with Chrome 68. You’ll start to see these alerts in your browser this month, so you may want to consider giving your users a heads up. If you have internal or third-party apps that are still in the process of migrating to HTTPS, and you want to avoid displaying a warning to users, you can also choose to disable this notification on a per-domain basis.

Allow users to sign in through a PIN code anytime

For users who frequently need to log in and out of devices without an accessible keyboard—for example, a retail associate using a tablet—numeric passcodes can be a necessity. Although logging in through numeric PIN has been available on Chrome OS for some time, it was previously only allowable after the first sign-in. With Chrome 68, sign-in through a numeric PIN code is now available at any time. Note that we suggest that you require a minimum of six digits for PINs.

Enable automatic re-enrollment

If managing devices is one of your responsibilities, the occasional loss or theft of a device is inevitable. In the past, if a misplaced device was wiped remotely and then later recovered, a user would need to enter their credentials into that device for it to re-enroll into your domain.

With Chrome 68, managed Chrome OS devices will automatically re-enroll once they connect to a network, eliminating the need for users to enter their credentials to complete the re-enrollment step. This feature will be rolled out incrementally, and will become the default for new customers as well as existing customers who have not changed the default forced re-enrollment setting.

If you choose, you can still require users to enter their credentials to re-enroll recovered devices, and use enrollment permissions to prevent specific users from being able to re-enroll through that process. More information on wiping and enrolling devices can be found on our help center.