When it comes to choosing laptop devices, there are a variety of factors to consider. For users who only need access to cloud services and where budget is a prime consideration, Chromebooks are inexpensive and come with a variety of ‘built-in’ security features. 
- Chromebooks have automatic updating of their operating system, which is an excellent feature. Unfortunately, even with this level of automation, there is no guarantee that a zero-day exploit1 will be quickly remediated.
- Chromebooks have verified boot, a check to ensure that the system has not been tampered with at startup.
- Chromebooks use sandboxing, which is a method to limit the impact of an infection.
- Chromebooks also have built-in disk encryption. This is an excellent feature that prevents criminals from retrieving data from a stolen or lost laptop, but it is only as good as the strong passwords with Multi-Factor Authentication (MFA) used to protect them. While you can set up a PIN to conveniently log in, this method is much less secure and should be avoided.
- Finally, Chromebook Recovery is an option that can be used to restore the Chromebook to a previous state. While this could get rid of malware, it might also delete important data in the process.
Despite all these protections, Chromebooks, like many other devices, are not invulnerable to attack. However, Chromebook users are often lulled into a false sense of security due to the built-in security features it offers.
Chrome OS may keep many viruses off your device, but it does not prevent all types of malware attacks. Cybercriminals can still compromise your personal information, steal your data, and hijack your online accounts with a variety of methods, such as:
- Fake Chrome extensions.
- Scam Android apps.
- Data-stealing phishing sites.
- Website trackers.
- Unsecured public Wi-Fi.
- Data breaches.
All the integrated security features will not protect you if you are using an unsecured Wi-Fi connection. An encrypted disk will not prevent a cybercriminal from accessing your drive if they are able to retrieve your credentials from a phishing site or through another method. Also, it is possible to store data in an unencrypted portion of the drive, which may leave it accessible to others, including cybercriminals.
Care should be taken to ensure that all files and other data are saved to default and secure locations. Furthermore, protecting your account with a strong password, Multi-Factor Authentication, and locking your device when not in use will help prevent unauthorized access.
While Chromebooks have an excellent array of security features built in, that does not mean you can ignore basic cyber hygiene. Caution should still be taken with your account, your connections, and your installed applications.
The steps above will go a long way to restricting unauthorized access when in use, protecting not just your files and data, it will help prevent WiFi and other credentials from being compromised.
Finally, when it is time to discard your Chromebook, we recommend contacting an IT Asset Disposition (ITAD) specialist to ensure that the data is completely inaccessible. Developing good cyber habits are key to continued risk avoidance and data compromise.
As we have stated above, while you are using your Chromebook, remain vigilant and cautious to protect yourself and your data. When you are done with it, an ITAD specialist will take the same care to prevent unauthorized data access in the future.
1 Zero day exploit or attack is the term used to describe the threat of an unknown security vulnerability in a computer software or application for which either the patch has not been released or the application developers were unaware of or did not have sufficient time to address.
