FR - Managed users on Unmanaged devices
Reported by
arnauhe...@gmail.com,
Apr 8 2016
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (X11; CrOS x86_64 7834.66.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.111 Safari/537.36 Platform: 7834.66.0 (Official Build) stable-channel swanky Steps to reproduce the problem: Use case: A network policy could be implemented to restrict managed users to access corporate network from a un-enrolled corporate devices. For example, a managed user can't access to some network interfaces (Ethernet or Wi-Fi) if its device has not been enrolled before. What is the expected behavior? Motivation: May be a risk here since unmanaged device could run into Developer mode then connect to a corporate network. In case of compromised managed accounts, anybody are able to access internal resources. Second reason is because BYOD is not entirely approved in most french companies (more than for technical reasons). What went wrong? Existing workarounds: no workarounds Did this work before? N/A Chrome version: 49.0.2623.111 Channel: stable OS Version: 7834.66.0 Flash Version: Shockwave Flash 21.0 r0
,
Apr 11 2016
We are in the design phase of a verified access solution that would come on top of the existing certificate enrollment extension. The current design would put the CES endpoint behind a proxy that first does VA and then calls back to get the certificate. That way, no Chromebook can get a cert without passing through a verified access check. This would require that all sensitive company resources be guarded by such a certificate though. We'll use this bug to track this work.
,
Aug 23
|
|||
►
Sign in to add a comment |
|||
Comment 1 by atwilson@chromium.org
, Apr 11 2016