Jump to content
Get in touch Download Chrome

Snap: Leveraging the power of Chrome Enterprise for secure enterprise browsing

Overview

Snap Inc. (Snap) selected Chrome Enterprise as its enterprise browser and ChromeOS due to its robust security foundation. As a cloud-native company, Snap required a security strategy that could adapt to the rapidly evolving threat landscape. With a large, global workforce, Snap also needed a scalable solution that would empower employees to work securely from any location using Snap-managed Chrome browsers and ChromeOS devices while implementing safeguards to prevent data loss.

By implementing Chrome Enterprise Premium, Snap has successfully utilized a secure enterprise browsing solution to protect its data, significantly enhance visibility into its Chrome deployment, and enable zero-trust access to over 400 internally built and Google Workspace applications.

Building on a strong foundation

  • Snap has been managing Chrome Enterprise for over four years and managing Chromebooks for over six years.
  • Snap uses Chrome Enterprise Core, Chrome’s cloud-based management solution, to manage browsers within their organization which seamlessly integrates with our zero trust architecture, automatically pushing out patches to protect our entire fleet of Chromebooks in a matter of days.
  • They have also benefited extensively from extension management and advanced security capabilities, including data loss prevention (DLP) with Chrome Enterprise Premium. DLP capabilities have reduced sensitive content transfers.
  • Snap implemented Chrome Enterprise Premium as a zero trust solution to secure access to their over 400 internally built apps and Google Workspace apps such as gmail, sheets and docs.

“Snap consciously chose Chrome Enterprise, ChromeOS, and Workspace to gain a stronger security posture. In our long standing usage of Google’s enterprise products, we have measurably improved enterprise security through defense in depth anti-ATO controls, reduced browser attack surface by selecting and hardening Google Chrome as our Secure Enterprise Browser and leveraged Chrome DLP to reduce sensitive data transfers. As we observe the consistent flow of consequential security incidents in the industry with competitive products, we made the right decision by partnering deeply with Google to protect Snap”.

– Nick Reva, Head of Enterprise Security Engineering, Snap

Flexibility and security with one secure enterprise browser

Six years ago, Snap chose Chrome Enterprise as its secure enterprise browser, trusting Chrome's expertise in browser security. Backed by Google's security team and rapid security patch deployment, Chrome Enterprise has consistently supported Snap's evolving needs.

Snap also wanted to mitigate the risks associated with extensions, particularly those with high-risk permissions. They turned to Chrome Enterprise for help.

"Leveraging CRXcavator extension risk assessment data via Chrome Enterprise Core, our team was able to block high-risk extensions and allow a small curated set of essential extensions across managed browsers at Snap," said Vaidehi Thakur, Enterprise Security Engineer at Snap. "This restricted the installation of potentially harmful extensions that have excessive permissions, resulting in a much safer browsing experience.This is particularly impactful with the recent consequential supply chain tampering attacks targeting chrome extensions.

To ensure secure access to specific extensions, employees now have the option to submit requests to the security team, who will then vet and approve usage on a case-by-case basis.

As Snap's security team became aware of employees exploring generative AI tools, Chrome enabled them to implement controls to quickly reduce risky data transfer and unsanctioned SaaS access.

"We configured data loss prevention (DLP) rules to help mitigate risky transfers of sensitive information like source code and other sensitive data types," explained Nick Reva, Head of Enterprise Security Engineering at Snap. By enabling these data protection features out of the box, Snap has seen a reduction in risky data movement as well as guided end-user behavior changes. We have achieved this reduction without the need for traditional heavyweight CASB or SASE like solutions”.

To build on this momentum, Snap is leveraging the Chrome advanced security visibility and data loss prevention observability in an effort to help map the movement of sensitive data across corporate devices. They are also working on an innovative capability to provide real-time coaching to users engaged in riskier behavior with a Chrome extension.

"Using Chrome log events, we're able to cross-reference visited domains with our internally allowlisted SaaS domains," said Alisha Sharma, Enterprise Security Engineer at Snap. "We're currently working on an initiative with the goal of building a tool that can automatically warn and block any unsanctioned SaaS usage in order to ensure that content is flowing through safe, vetted domains. Implementing DLP with Chrome Enterprise Premium and the information it provides allows us to get closer to that goal."

In order to further protect their application ecosystem, Snap expanded their Chrome Enterprise Premium implementation to include Google native applications and are working on support for mobile. The implementation will allow them to ensure that access to the most critical Snap applications is only allowed from compliant devices and company-managed Chrome browsers.

"Finding a solution to allow bring-your-own-device (BYOD) access is critical to the future expansion of Chrome Enterprise Premium at Snap," said Mark Laubender, Enterprise Security Engineer at Snap". In 2025 we are working to allow secured mobile access to enhance our mobile security posture from trusted company managed devices while keeping Snap an employee productivity-centric work environment, which delights our employees.”

Striking the right balance between productivity and security is paramount to Snap and requires IT and Security Engineering teams to partner to enable a seamless solution for their large global workforce.

Because Snap’s workforce is already very familiar with Chrome, leveraging deeper, built-in security controls through Chrome Enterprise was the clear choice for Snap. Building on the foundation with Chrome they’ve set over six years, enabling Chrome Enterprise Premium was a snap!

About Snap Inc.

Snap is a California-based technology and social media company that owns brands such as Snapchat, Spectacles and Bitmoji.

Industry: Technology
Headquarters: Santa Monica, CA