ActiveX?!
I guess, "it cannot die what wasn't alive in the first place".
Google is trying to give businesses a reason to ditch Internet Explorer by giving sysadmins a new set of tools for mass deployment of its own Chrome browser. The new “Chrome enterprise bundle” offers an MSI installer and ADMX templates that let sysadmins apply policies determined in Microsoft's Group Policy Object Editor. The …
There is a console now too if you do not want to use groups... or have more than just Windows. Same console as G Suite, Chrome OS, Android, etc management. Yes, you can stop or delay updates. You can also get access to beta and canary (alpha) builds of Chrome so you can test them prior to putting them into production.
Allegedly. It still doesn't work reliably and you have to bodge it in the background more often than not with registry keys. Either that or update the template every time they change the version number. Add on top the fact that it will insist on adding a scheduled task to run the update check as well and now hides that completely in Windows 10 (scripted delete works fine on Win 7, the task doesn't appear in 10 but keeps trying to run anyway) and I have my doubts over whether or not this one will actually function as intended or we have to carry on with multiple kludges.
With the sheer number of updates released it takes far more time than it should owing to the lack of that documentation or support as you simply don't know what you need to change in the GPO for this version to lock out the updater again. Cue much tinkering and cursing or a deluge of spam from the web gateways as everybody's system tries to check for updates at the same time and all get blocked at once...
My last employer (financial services) insisted (and still insists) on IE even as it's share dropped below 50%.
Which is all very well, for internal use. But meant we either ignored the market, or (what actually happened) provided better support for customers choice than internally.
FFS even Microsoft support Chrome on their Azure config site !!!
I don't think management cares if it is under 50% or even 5%. They care for what works with they got. If Chrome doesn't work with a company application, they won't allow it.
Same if they can't manage it well. After years Google finally got a brain and released enterprise tools.
It is not a popularity contents when it comes to companies.
"It is not a popularity contents when it comes to companies."
End user tech is always a popularity contest. IT can fight it until users are coming for their heads or not, but it is a popularity contest. Remember how BlackBerry was "enterprise grade" with the BES servers set up... then people got iPhones and Androids. BlackBerry is gone. Or when the CMO got a new Mac and IT said it wasn't the company standard. The Mac is now supported. Or when iPads came out and everyone wanted to use them for some reason. iPads were supported, iOS apps were written, etc. Or, if we go way back to the 90s, when Lotus was the enterprise standard but people were using Office at home. Lotus was completely replaced (now everyone is using Gmail/Google Apps at home, so spoiler alert). Chrome is already the majority browser in most enterprises, the users want it, and so I'm sure it will eventually become the standard.
It does make sense. IT is supposed to be enabling the end users.
Chrome has had an MSI installer and Group Policy templates for several years, they just weren't well documented, supported or publicised.
I rolled out Chrome five years ago as a second browser in a financial services company that was still on XP at the time (and IE7/8). It was locked to prevent auto-update (we distributed updates through SCCM), it directed through the proxy and a whitelist and blacklist for extensions.
"Well, you'd want the most popular targetted browser on your intranet, wouldn't you?"
Well I would assume it is the most targeted browser as it is overwhelmingly the most popular browser on every platform. Which is kind of impressive as Windows PCs default to IE/Edge and most people go out of their way to download Chrome. Firefox is even passing IE/Edge.
Errrr. Would you want to deploy a web browser that has had more vulnerabilities than IE for [at least] the last 3 years in a row? See https://cve.mitre.org/
In addition, before deploying Chrome, you need to verify if internal web based apps work with it and if not, whether worth it to make it compatible.
Most companies won't give a crap whether it is popular. They do, however, need to figure out if they want to support another web browser.
"Would you want to deploy a web browser that has had more vulnerabilities than IE for [at least] the last 3 years in a row?"
If that is true, not sure, it is probably because Chrome is the most popular browser by huge margins. More users and developers means more uncovering. Same reason why, or one of the reasons why, Windows used to have far and away more vulnerabilities found than any other OS in the 90s... that's what most people were using.
"In addition, before deploying Chrome, you need to verify if internal web based apps work with it and if not, whether worth it to make it compatible."
That's why Google created the legacy compatibility mode mentioned in the article.
"They do, however, need to figure out if they want to support another web browser."
IE is being replaced by Edge anyway... as long as you are switching anyway, might as well switch to what everyone wants and will use anyway unless you want to police state devices.